← Back to team overview

touch-packages team mailing list archive

[Bug 1423031] Re: NSS incorrectly preferring a longer, weaker chain over a shorter, stronger chain

 

This bug was fixed in the package nss - 2:3.17.4-0ubuntu0.14.10.1

---------------
nss (2:3.17.4-0ubuntu0.14.10.1) utopic-security; urgency=medium

  * SECURITY UPDATE: update to upstream 3.17.4 to get new CA certificate
    bundle, and to fix incorrect SHA-1 behaviour. (LP: #1423031)
  * Removed unneeded patches:
    - debian/patches/CVE-2014-1569.patch: included upstream.
 -- Marc Deslauriers <marc.deslauriers@xxxxxxxxxx>   Thu, 19 Feb 2015 07:41:50 -0500

** Changed in: nss (Ubuntu Utopic)
       Status: Confirmed => Fix Released

** Changed in: nss (Ubuntu Precise)
       Status: Confirmed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to nss in Ubuntu.
https://bugs.launchpad.net/bugs/1423031

Title:
  NSS incorrectly preferring a longer, weaker chain over a shorter,
  stronger chain

Status in nss package in Ubuntu:
  Fix Released
Status in nss source package in Lucid:
  Fix Released
Status in nss source package in Precise:
  Fix Released
Status in nss source package in Trusty:
  Fix Released
Status in nss source package in Utopic:
  Fix Released
Status in nss source package in Vivid:
  Fix Released
Status in nss package in Debian:
  Confirmed

Bug description:
  See:

  https://code.google.com/p/chromium/issues/detail?id=437733

  and

  https://code.google.com/p/chromium/issues/detail?id=459131

  This issue is fixed in upstream libnss3 version >= 3.17.4

  This issue causes incorrect SHA1 sunset behaviour in Google Chrome.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/nss/+bug/1423031/+subscriptions


References