File _patchinfo of Package patchinfo.26579

<patchinfo incident="26579">
  <issue tracker="bnc" id="1201298">FIPS: NSS uses DSA for shared library integrity checking, mark DSA sigverify as APPROVED, rest as NOT-APPROVED in the SLI</issue>
  <issue tracker="bnc" id="1191546">FIPS: mozilla-nss: service level indicator</issue>
  <issue tracker="bnc" id="1204729">VUL-0: mozilla-nss: update to 3.79.2esr</issue>
  <issue tracker="bnc" id="1198980">FIPS: NSS on-demand integrity tests</issue>
  <packager>MSirringhaus</packager>
  <rating>moderate</rating>
  <category>recommended</category>
  <summary>Recommended update for mozilla-nspr, mozilla-nss</summary>
  <description>This update for mozilla-nspr, mozilla-nss fixes the following issues:

mozilla-nspr was updated to version 4.34.1:

* add file descriptor sanity checks in the NSPR poll function.

mozilla-nss was updated to NSS 3.79.2 (bsc#1204729)

* Bump minimum NSPR version to 4.34.1.
* Gracefully handle null nickname in CERT_GetCertNicknameWithValidity.

Other issues fixed:

- FIPS: Allow the use of DSA keys (verification only) (bsc#1201298).
- FIPS: Add sftk_FIPSRepeatIntegrityCheck() to softoken's .def file (bsc#1198980).
- FIPS: Allow the use of longer symmetric keys via the service level indicator (bsc#1191546).
- FIPS: Hopefully export sftk_FIPSRepeatIntegrityCheck() correctly (bsc#1198980).
- FIPS: Prevent sessions from getting flagged as non-FIPS (bsc#1191546).
- FIPS: Mark DSA keygen unapproved (bsc#1191546, bsc#1201298).
- FIPS: Prevent keys from getting flagged as non-FIPS and add remaining TLS mechanisms.
- FIPS: Fixed an abort() when both NSS_FIPS and /proc FIPS mode are enabled.
</description>
</patchinfo>