[Bug 1856428] Re: Disable TLS below 1.2 by default
Launchpad Bug Tracker
1856428 at bugs.launchpad.net
Tue Jan 14 12:33:45 UTC 2020
This bug was fixed in the package nss - 2:3.48-1ubuntu1
---------------
nss (2:3.48-1ubuntu1) focal; urgency=low
* Merge from Debian unstable. Remaining changes:
- d/libnss3.links: make freebl3 available as library (LP #1744328)
- d/control: add dh-exec to Build-Depends
- d/rules: make mkdir tolerate debian/tmp existing (due to dh-exec)
- Disable reading fips_enabled flag in FIPS mode. libnss is
not a FIPS certified library. (LP #1837734)
* Set TLSv1.2 as minimum TLS version. LP: #1856428
nss (2:3.48-1) unstable; urgency=medium
* New upstream release. Closes: #947131.
* debian/control: Bump nspr build dependency to 4.24.
* nss/lib/freebl/Makefile: Disable hardware AES on ARM softfloat to fix
FTBFS on armel. Closes: #947246.
nss (2:3.47.1-1) unstable; urgency=medium
* New upstream release.
- Fixes CVE-2019-11745.
-- Ubuntu Merge-o-Matic <mom at ubuntu.com> Sun, 29 Dec 2019 03:43:36
+0000
** Changed in: nss (Ubuntu)
Status: Fix Committed => Fix Released
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-11745
--
You received this bug notification because you are a member of Mozilla
Bugs, which is subscribed to nss in Ubuntu.
https://bugs.launchpad.net/bugs/1856428
Title:
Disable TLS below 1.2 by default
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gnutls28/+bug/1856428/+subscriptions
More information about the Ubuntu-mozillateam-bugs
mailing list