File _patchinfo of Package patchinfo.12486
<patchinfo incident="12486">
<packager>hpjansson</packager>
<rating>moderate</rating>
<issue tracker="bnc" id="1170571">FIPS: mozilla-nss: Softoken POSTs for new DSA and ECDSA hash-and-sign update functions.</issue>
<issue tracker="bnc" id="1170572">FIPS: mozilla-nss: pairwise consistency check for CKM_SHA224_RSA_PKCS.</issue>
<category>recommended</category>
<summary>Recommended update for mozilla-nss</summary>
<description>This update for mozilla-nss fixes the following issues:
- FIPS: Add Softoken POSTs for new DSA and ECDSA hash-and-sign update functions. (bsc#1170571)
- FIPS: Add pairwise consistency check for CKM_SHA224_RSA_PKCS. Remove ditto checks
for CKM_RSA_PKCS, CKM_DSA and CKM_ECDSA, since these are served
by the new CKM_SHA224_RSA_PKCS, CKM_DSA_SHA224, CKM_ECDSA_SHA224
checks.
- FIPS: Replace bad attempt at unconditional nssdbm checksumming with
a dlopen(), so it can be located consistently and perform its own
self-tests.
- FIPS: This fixes an instance of inverted logic due to a boolean being mistaken for
a SECStatus, which caused key derivation to fail when the caller
provided a valid subprime.
This update was imported from the SUSE:SLE-15:Update update project.</description>
</patchinfo>