Overview

File _patchinfo of Package patchinfo.25598

<patchinfo incident="25598">
  <issue tracker="bnc" id="1201298">FIPS: NSS uses DSA for shared library integrity checking, mark DSA sigverify as APPROVED, rest as NOT-APPROVED in the SLI</issue>
  <issue tracker="bnc" id="1202645">VUL-0: MozillaFirefox / MozillaThunderbird: update to 104 and 102.2esr/91.13esr</issue>
  <packager>MSirringhaus</packager>
  <rating>moderate</rating>
  <category>recommended</category>
  <summary>Recommended update for mozilla-nss</summary>
  <description>This update for mozilla-nss fixes the following issues:

Update to NSS 3.79.1 (bsc#1202645)

* compare signature and signatureAlgorithm fields in legacy certificate verifier.
* Uninitialized value in cert_ComputeCertType.
* protect SFTKSlot needLogin with slotLock.
* avoid data race on primary password change.
* check for null template in sec_asn1{d,e}_push_state.

- FIPS: unapprove the rest of the DSA ciphers, keeping signature verification only (bsc#1201298).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places