Opened 3 years ago

Closed 3 years ago

#11396 closed enhancement (fixed)

nss-3.40.1

Reported by: Bruce Dubbs Owned by: blfs-book@…
Priority: normal Milestone: 8.4
Component: BOOK Version: SVN
Severity: normal Keywords:
Cc:

Description

New point version.

Change History (7)

comment:1 by ken@…, 3 years ago

According to slackware, per https://lwn.net/Articles/773818/

patches/packages/mozilla-nss-3.40.1-i586-1_slack14.2.txz: Upgraded.

Upgraded to nss-3.40.1 and nspr-4.20. Mitigate cache side-channel variant of the Bleichenbacher attack. For more information, see:

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12404

(* Security fix *)

Perhaps we should also require nspr >= 4.20 in the patch.

comment:2 by ken@…, 3 years ago

Owner: changed from blfs-book to ken@…
Status: newassigned

comment:3 by ken@…, 3 years ago

Update in r20775.

Keeping open in the hope I can find time to sort out the details of the test build, add that to the wiki, and then expand the comment.

comment:4 by ken@…, 3 years ago

Resolution: fixed
Status: assignedclosed

Failed to get tests running with 3.40.1, I've updated the wiki with details of what I know and reworded the text in the book in r20830.

comment:5 by Bruce Dubbs, 3 years ago

Resolution: fixed
Status: closedreopened
Summary: nss-3.40.1nss-3.41

No good deed goes unpunished. Reopening.

New minor version.

comment:6 by ken@…, 3 years ago

Owner: changed from ken@… to blfs-book@…
Status: reopenednew

I disagree with reopening a closed ticket for a new version - it makes a mockery of the 'fixes' link in the changelog, and will result in multiple 'fixed at r12345' links from the ticket to the actual change.

In any case, I have no cycles for this.

comment:7 by Bruce Dubbs, 3 years ago

Resolution: fixed
Status: newclosed
Summary: nss-3.41nss-3.40.1

Good point.

Note: See TracTickets for help on using tickets.