Overview
Request 206413 accepted
- update to 3.15.2 (bnc#842979)
* Support for AES-GCM ciphersuites that use the SHA-256 PRF
* MD2, MD4, and MD5 signatures are no longer accepted for OCSP
or CRLs
* Add PK11_CipherFinal macro
* sizeof() used incorrectly
* nssutil_ReadSecmodDB() leaks memory
* Allow SSL_HandshakeNegotiatedExtension to be called before
the handshake is finished.
* Deprecate the SSL cipher policy code
* Avoid uninitialized data read in the event of a decryption
failure. (CVE-2013-1739)
Request History
lijews created request
- update to 3.15.2 (bnc#842979)
* Support for AES-GCM ciphersuites that use the SHA-256 PRF
* MD2, MD4, and MD5 signatures are no longer accepted for OCSP
or CRLs
* Add PK11_CipherFinal macro
* sizeof() used incorrectly
* nssutil_ReadSecmodDB() leaks memory
* Allow SSL_HandshakeNegotiatedExtension to be called before
the handshake is finished.
* Deprecate the SSL cipher policy code
* Avoid uninitialized data read in the event of a decryption
failure. (CVE-2013-1739)
lijews accepted request