[Bug 1423031] Re: NSS incorrectly preferring a longer, weaker chain over a shorter, stronger chain
Launchpad Bug Tracker
1423031 at bugs.launchpad.net
Thu Feb 19 15:04:26 UTC 2015
This bug was fixed in the package nss - 2:3.17.4-0ubuntu1
---------------
nss (2:3.17.4-0ubuntu1) vivid; urgency=medium
* SECURITY UPDATE: update to upstream 3.17.4 to get new CA certificate
bundle, and to fix incorrect SHA-1 behaviour. (LP: #1423031)
* Removed unneeded patches:
- debian/patches/98_CVE-2014-1569.patch: included upstream.
-- Marc Deslauriers <marc.deslauriers at ubuntu.com> Thu, 19 Feb 2015 07:32:50 -0500
** Changed in: nss (Ubuntu Vivid)
Status: Confirmed => Fix Released
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-1569
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to nss in Ubuntu.
https://bugs.launchpad.net/bugs/1423031
Title:
NSS incorrectly preferring a longer, weaker chain over a shorter,
stronger chain
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/nss/+bug/1423031/+subscriptions
More information about the Ubuntu-server-bugs
mailing list