http://www.mozi...">Security update for libfreebl3 (important) - vulnerability database | Vulners.comhttp://www.mozi...">http://www.mozi...">http://www.mozi...">
Lucene search

K
suseSuseSUSE-SU-2011:1042-2
HistorySep 26, 2011 - 6:08 p.m.

Security update for libfreebl3 (important)

2011-09-2618:08:22
lists.opensuse.org
10
security update
libfreebl3
mozilla nss
diginotar
certificate authority
mozilla nspr
version 4.8.9

This update updates Mozilla NSS to 3.12.11.

The update marks the compromised DigiNotar Certificate
Authority as untrusted

For more information read:

MFSA 2011-34
<<a href=“http://www.mozilla.org/security/announce/2011/mfsa2011-34.h”>http://www.mozilla.org/security/announce/2011/mfsa2011-34.h</a>
tml>

  • update to 3.12.10 o root CA changes o filter certain
    bogus certs (bmo#642815) o fix minor memory leaks o other
    bugfixes
  • update to 3.12.9 o fix minor memory leaks
    (bmo#619268) o fix crash in nss_cms_decoder_work_data
    (bmo#607058) o fix crash in certutil (bmo#620908) o handle
    invalid argument in JPAKE (bmo#609068) o J-PAKE support
    (API requirement for Firefox >= 4.0b8)
  • replaced expired PayPal test certificate (fixing
    testsuite)
  • removed DigiNotar root certifiate from trusted db
    (bmo#682927)

This update also brings the prerequired Mozilla NSPR to
version 4.8.9.

  • update to 4.8.9
  • update to 4.8.8 o support IPv6 on Android
    (bmo#626866) o use AI_ADDRCONFIG for loopback hostnames
    (bmo#614526) o support SDP sockets (bmo#518078) o support
    m32r architecture (bmo#635667) o use atomic functions on
    ARM (bmo#626309) o some other fixes not affecting the Linux
    platform