Date: Wed, 24 Sep 2014 20:24:03 +0000 From: bugzilla-noreply@freebsd.org To: gecko@FreeBSD.org Subject: maintainer-feedback requested: [Bug 193906] security/nss: update to 3.17.1 to fix CVE-2014-1568 Message-ID: <bug-193906-21738-zGYUJnohau@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-193906-21738@https.bugs.freebsd.org/bugzilla/> References: <bug-193906-21738@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
Jan Beich <jbeich@vfemail.net> has asked gecko@FreeBSD.org for maintainer-feedback: Bug 193906: security/nss: update to 3.17.1 to fix CVE-2014-1568 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D193906 ------- Additional Comments from Jan Beich <jbeich@vfemail.net> While native firefox/thunderbird/seamonkey ports use --with-system-nss it m= aybe still worth updating in order to fix bugs missed in other point releases as gecko@ team may not have any committers left. And there're still 3 weeks be= fore firefox 33.0. $ svn export https://trillian.chruetertee.ch/svn/freebsd-gecko/branches/firefox32 $ cp -R firefox32/ /usr/ports/ <vuln vid=3D"48108fb0-751c-4cbb-8f33-09239ead4b55"> <topic>NSS -- RSA Signature Forgery</topic> <affects> <package> <name>linux-firefox</name> <range><lt>32.0.3,1</lt></range> </package> <package> <name>linux-thunderbird</name> <range><lt>31.1.2</lt></range> </package> <package> <name>linux-seamonkey</name> <range><lt>2.29.1</lt></range> </package> <package> <name>nss</name> <range><lt>3.17.1</lt></range> </package> </affects> <description> <body xmlns=3D"http://www.w3.org/1999/xhtml">; <p>The Mozilla Project reports:</p> <blockquote cite=3D"http://www.mozilla.org/security/known-vulnerabilities/">; <p>MFSA 2014-73 RSA Signature Forgery in NSS</p> </blockquote> </body> </description> <references> <cvename>CVE-2014-1568</cvename> =20=20=20=20=20 <url>https://www.mozilla.org/security/announce/2014/mfsa2014-73.html</url>; </references> <dates> <discovery>2014-09-23</discovery> <entry>2014-09-24</entry> </dates> </vuln>=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-193906-21738-zGYUJnohau>