[ubuntu/oneiric] nss 3.12.9+ckbi-1.82-0ubuntu5 (Accepted)

Micah Gersten micahg at ubuntu.com
Fri Sep 9 18:05:28 UTC 2011


nss (3.12.9+ckbi-1.82-0ubuntu5) oneiric; urgency=low

  * SECURITY UPDATE: Add patch from Debian version 3.12.11-3 rebased against
    3.12.9 to remove the DigiNotar certificates and actively distrust them;
    Thanks to Mike Hommey from Debian for the original patch (LP: #837557)
    - mozilla/security/nss/lib/ckfw/builtins/certdata.*:
      Explicitely distrust various DigiNotar CAs:
      - DigiNotar Root CA
      - DigiNotar Services 1024 CA
      - DigiNotar Cyber CA
      - DigiNotar Cyber CA 2nd
      - DigiNotar PKIoverheid
      - DigiNotar PKIoverheid G2
    - mozilla/security/nss/lib/ckfw/builtins/certdata.*:
      Remove DigiNotar Root CA.
  * Add a symlink from Linux2.6.mk to Linux3.0.mk; This is a temporary hack to
    let NSS build on a 3.0.x kernel
    - update debian/rules

Date: Fri, 09 Sep 2011 11:57:13 -0500
Changed-By: Micah Gersten <micahg at ubuntu.com>
Maintainer: Ubuntu Mozilla Team <ubuntu-mozillateam at lists.ubuntu.com>
Signed-By: Jamie Strandboge <jamie at ubuntu.com>
https://launchpad.net/ubuntu/oneiric/+source/nss/3.12.9+ckbi-1.82-0ubuntu5
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 09 Sep 2011 11:57:13 -0500
Source: nss
Binary: libnss3 libnss3-1d libnss3-tools libnss3-dev libnss3-dbg
Architecture: source
Version: 3.12.9+ckbi-1.82-0ubuntu5
Distribution: oneiric
Urgency: low
Maintainer: Ubuntu Mozilla Team <ubuntu-mozillateam at lists.ubuntu.com>
Changed-By: Micah Gersten <micahg at ubuntu.com>
Description: 
 libnss3    - Network Security Service libraries
 libnss3-1d - Network Security Service libraries
 libnss3-dbg - Development files for the Network Security Service libraries
 libnss3-dev - Development files for the Network Security Service libraries
 libnss3-tools - Network Security Service tools
Launchpad-Bugs-Fixed: 837557
Changes: 
 nss (3.12.9+ckbi-1.82-0ubuntu5) oneiric; urgency=low
 .
   * SECURITY UPDATE: Add patch from Debian version 3.12.11-3 rebased against
     3.12.9 to remove the DigiNotar certificates and actively distrust them;
     Thanks to Mike Hommey from Debian for the original patch (LP: #837557)
     - mozilla/security/nss/lib/ckfw/builtins/certdata.*:
       Explicitely distrust various DigiNotar CAs:
       - DigiNotar Root CA
       - DigiNotar Services 1024 CA
       - DigiNotar Cyber CA
       - DigiNotar Cyber CA 2nd
       - DigiNotar PKIoverheid
       - DigiNotar PKIoverheid G2
     - mozilla/security/nss/lib/ckfw/builtins/certdata.*:
       Remove DigiNotar Root CA.
   * Add a symlink from Linux2.6.mk to Linux3.0.mk; This is a temporary hack to
     let NSS build on a 3.0.x kernel
     - update debian/rules
Checksums-Sha1: 
 6a848d56ec94aed09b4e0156bf3145924d01a35a 2044 nss_3.12.9+ckbi-1.82-0ubuntu5.dsc
 6bfc808266cde2fc9c85e35721deaca14623d56c 66099 nss_3.12.9+ckbi-1.82-0ubuntu5.diff.gz
Checksums-Sha256: 
 aeef262995fc0651c8c6279794a33d5810f1a1cc055a6f8bccc2e133efaaec19 2044 nss_3.12.9+ckbi-1.82-0ubuntu5.dsc
 9d7c325f8339ab859415d0d633b875416b7ab58e3d998b10b0245607ea8d65d2 66099 nss_3.12.9+ckbi-1.82-0ubuntu5.diff.gz
Files: 
 b0b24e32cc8ccd4db40c433fee2744b3 2044 libs optional nss_3.12.9+ckbi-1.82-0ubuntu5.dsc
 5aa4f23f08a86efc8886c59cbd4695cb 66099 libs optional nss_3.12.9+ckbi-1.82-0ubuntu5.diff.gz
Original-Maintainer: Maintainers of Mozilla-related packages <pkg-mozilla-maintainers at lists.alioth.debian.org>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iQIcBAEBCgAGBQJOalAtAAoJEFHb3FjMVZVz3DoQAIPHv1MVeHk+mf+6X0hgHo8M
q2JcTk5uta47TduMt567UAaoJcRCnXhYefa7gw8o1BofXcrjUQ/KA70HffEVZDdj
zx2lCHchOl2nfVOS11dCVqt+Sgqv1D9GTPCaM1lhtfiH9Rh/4qES3p73oRjCIMS4
feNoTXcmzV0QAJNb7vYb8jHHudsy6W/o1M5Se0BpN4R3a6CLOey+WdJ8NyXR9B2R
p4IgCCZII69oxK/ioUHRt89yt4ymEbEPLjzA1eDHIuhiyFZmnmFrmVkfjFR4wKC+
GGW6XgSPZclZJgnqqLjfoMmo4RrmPO2cDrIHMWAJgY+GqP+Aow/mRto1J9LDPwpL
O7Zz9zKwha34o3mjHv790ZvmUhUWn4zcK5cTmukhiIhB8MMJBIxt9sxl9coHCvWX
3c59SEg+yi9IXZn6DIJDiIt0TjlQlnfU6FaedfM/QaCKbInBiXuNMOs7wV/Pwhvo
YaKFt+lzt4118fgDRdInplB2lO/GFX84/IMJW5jz6+2VQuqIehdFkV0wiL9N9KRZ
UnXN/VXTKMfXSsuVXMCWJJ4LbXy2cssRhvC4d6Hp1tkjJUH4YnFYCabwtYB9nHLZ
ZA4CMZ4aZL7lC05ljO1oEa9FyeZUgVraEe1Pt3bz6iLyBGolz6gCoHhjNsM1sek+
ggQxhUxypZmzCMDNFPL0
=XyRp
-----END PGP SIGNATURE-----


More information about the Oneiric-changes mailing list