Overview

File _patchinfo of Package patchinfo.26578

<patchinfo incident="26578">
  <issue tracker="bnc" id="1204729">VUL-0: mozilla-nss: update to 3.79.2esr</issue>
  <issue tracker="bnc" id="1201298">FIPS: NSS uses DSA for shared library integrity checking, mark DSA sigverify as APPROVED, rest as NOT-APPROVED in the SLI</issue>
  <issue tracker="bnc" id="1202870">FIPS: [NSS] DRBG needs to use libjitterentropy</issue>
  <issue tracker="bnc" id="1198980">FIPS: NSS on-demand integrity tests</issue>
  <issue tracker="bnc" id="1191546">FIPS: mozilla-nss: service level indicator</issue>
  <packager>MSirringhaus</packager>
  <rating>moderate</rating>
  <category>recommended</category>
  <summary>Recommended update for mozilla-nspr, mozilla-nss</summary>
  <description>This update for mozilla-nspr, mozilla-nss fixes the following issues:

mozilla-nspr was updated to version 4.34.1:

* add file descriptor sanity checks in the NSPR poll function.

mozilla-nss was updated to NSS 3.79.2 (bsc#1204729):

* Bump minimum NSPR version to 4.34.1.
* Gracefully handle null nickname in CERT_GetCertNicknameWithValidity.

Other fixes that were applied:

- FIPS: Allow the use of DSA keys (verification only) (bsc#1201298).
- FIPS: Add sftk_FIPSRepeatIntegrityCheck() to softoken's .def file
  (bsc#1198980).
- FIPS: Allow the use of longer symmetric keys via the service level indicator
  (bsc#1191546).
- FIPS: Prevent TLS sessions from getting flagged as non-FIPS (bsc#1191546).
- FIPS: Mark DSA keygen unapproved (bsc#1191546, bsc#1201298).
- FIPS: Use libjitterentropy for entropy (bsc#1202870).
- FIPS: Fixed an abort() when both NSS_FIPS and /proc FIPS mode are enabled.
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places