Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP2:GA
patchinfo.3000
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.3000
<patchinfo incident="3000"> <issue id="975394" tracker="bnc">Enable "exec" option for the NSSPassPhraseDialog directive in mod_nss</issue> <issue id="972968" tracker="bnc">Apache fails to prompt for a passphrase</issue> <issue id="979688" tracker="bnc">apache2-mod_nss - version upgrade to 1.0.14 or newer</issue> <issue id="2015-5244" tracker="cve" /> <issue id="2013-4566" tracker="cve" /> <issue id="2016-3099" tracker="cve" /> <issue id="2014-3566" tracker="cve" /> <issue id="320764" tracker="fate" /> <category>security</category> <rating>moderate</rating> <packager>vitezslav_cizek</packager> <description> This update provides apache2-mod_nss 1.0.14, which brings several fixes and enhancements: - Fix OpenSSL ciphers stopped parsing at +. (CVE-2016-3099) - Created valgrind suppression files to ease debugging. - Implement SSL_PPTYPE_FILTER to call executables to get the key password pins. - Improvements to migrate.pl. - Update default ciphers to something more modern and secure. - Check for host and netstat commands in gencert before trying to use them. - Add server support for DHE ciphers. - Extract SAN from server/client certificates into env - Fix memory leaks and other coding issues caught by clang analyzer. - Add support for Server Name Indication (SNI). - Add support for SNI for reverse proxy connections. - Add RenegBufferSize? option. - Add support for TLS Session Tickets (RFC 5077). - Fix logical AND support in OpenSSL cipher compatibility. - Correctly handle disabled ciphers. (CVE-2015-5244) - Implement a slew more OpenSSL cipher macros. - Fix a number of illegal memory accesses and memory leaks. - Support for SHA384 ciphers if they are available in NSS. - Add compatibility for mod_ssl-style cipher definitions. - Add TLSv1.2-specific ciphers. - Completely remove support for SSLv2. - Add support for sqlite NSS databases. - Compare subject CN and VS hostname during server start up. - Add support for enabling TLS v1.2. - Don't enable SSL 3 by default. (CVE-2014-3566) - Fix CVE-2013-4566. - Move nss_pcache to /usr/libexec. - Support httpd 2.4+. - Use apache2-systemd-ask-pass to prompt for a certificate passphrase. (bsc#972968, bsc#975394) </description> <summary>Security update for apache2-mod_nss</summary> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor