Security update for Mozilla NSS (important)

ID SUSE-SU-2011:1042-1
Type suse
Reporter Suse
Modified 2011-09-15T17:08:16


This update updates Mozilla NSS to 3.12.11.

The update marks the compromised DigiNotar Certificate Authority as untrusted

For more information read:

MFSA 2011-34 <<a rel="nofollow" href=""></a> tml>

  • update to 3.12.10 o root CA changes o filter certain bogus certs (bmo#642815) o fix minor memory leaks o other bugfixes
  • update to 3.12.9 o fix minor memory leaks (bmo#619268) o fix crash in nss_cms_decoder_work_data (bmo#607058) o fix crash in certutil (bmo#620908) o handle invalid argument in JPAKE (bmo#609068) o J-PAKE support (API requirement for Firefox >= 4.0b8)
  • replaced expired PayPal test certificate (fixing testsuite)
  • removed DigiNotar root certifiate from trusted db (bmo#682927)

This update also brings the prerequired Mozilla NSPR to version 4.8.9.

  • update to 4.8.9
  • update to 4.8.8 o support IPv6 on Android (bmo#626866) o use AI_ADDRCONFIG for loopback hostnames (bmo#614526) o support SDP sockets (bmo#518078) o support m32r architecture (bmo#635667) o use atomic functions on ARM (bmo#626309) o some other fixes not affecting the Linux platform