SUSE-RU-2019:2025-2: moderate: Recommended update for mozilla-nspr, mozilla-nss
sle-updates at lists.suse.com
sle-updates at lists.suse.com
Fri Aug 16 16:13:23 MDT 2019
SUSE Recommended Update: Recommended update for mozilla-nspr, mozilla-nss
______________________________________________________________________________
Announcement ID: SUSE-RU-2019:2025-2
Rating: moderate
References: #1141322
Affected Products:
SUSE Enterprise Storage 5
______________________________________________________________________________
An update that has one recommended fix can now be installed.
Description:
This update for mozilla-nspr, mozilla-nss fixes the following issues:
mozilla-nss was updated to NSS 3.45 (bsc#1141322):
* New function in pk11pub.h: PK11_FindRawCertsWithSubject
* The following CA certificates were Removed: CN = Certinomis - Root CA
(bmo#1552374)
* Implement Delegated Credentials (draft-ietf-tls-subcerts) (bmo#1540403)
This adds a new experimental function SSL_DelegateCredential Note: In
3.45, selfserv does not yet support delegated credentials (See
bmo#1548360). Note: In 3.45 the SSLChannelInfo is left unmodified, while
an upcoming change in 3.46 will set SSLChannelInfo.authKeyBits to that
of the delegated credential for better policy enforcement (See
bmo#1563078).
* Replace ARM32 Curve25519 implementation with one from fiat-crypto
(bmo#1550579)
* Expose a function PK11_FindRawCertsWithSubject for finding certificates
with a given subject on a given slot (bmo#1552262)
* Add IPSEC IKE support to softoken (bmo#1546229)
* Add support for the Elbrus lcc compiler (<=1.23) (bmo#1554616)
* Expose an external clock for SSL (bmo#1543874) This adds new
experimental functions: SSL_SetTimeFunc, SSL_CreateAntiReplayContext,
SSL_SetAntiReplayContext, and SSL_ReleaseAntiReplayContext. The
experimental function SSL_InitAntiReplay is removed.
* Various changes in response to the ongoing FIPS review (bmo#1546477)
Note: The source package size has increased substantially due to the new
FIPS test vectors. This will likely prompt follow-on work, but please
accept our apologies in the meantime.
mozilla-nspr was updated to version 4.21:
* Changed prbit.h to use builtin function on aarch64.
Patch Instructions:
To install this SUSE Recommended Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- SUSE Enterprise Storage 5:
zypper in -t patch SUSE-Storage-5-2019-2025=1
Package List:
- SUSE Enterprise Storage 5 (aarch64):
libfreebl3-3.45-58.31.1
libfreebl3-debuginfo-3.45-58.31.1
libfreebl3-hmac-3.45-58.31.1
libsoftokn3-3.45-58.31.1
libsoftokn3-debuginfo-3.45-58.31.1
libsoftokn3-hmac-3.45-58.31.1
mozilla-nspr-4.21-19.9.1
mozilla-nspr-debuginfo-4.21-19.9.1
mozilla-nspr-debugsource-4.21-19.9.1
mozilla-nss-3.45-58.31.1
mozilla-nss-certs-3.45-58.31.1
mozilla-nss-certs-debuginfo-3.45-58.31.1
mozilla-nss-debuginfo-3.45-58.31.1
mozilla-nss-debugsource-3.45-58.31.1
mozilla-nss-sysinit-3.45-58.31.1
mozilla-nss-sysinit-debuginfo-3.45-58.31.1
mozilla-nss-tools-3.45-58.31.1
mozilla-nss-tools-debuginfo-3.45-58.31.1
References:
https://bugzilla.suse.com/1141322
More information about the sle-updates
mailing list