changelog_14.2
Differences
This shows you the differences between two versions of the page.
| Both sides previous revisionPrevious revision | Next revisionBoth sides next revision | ||
| changelog_14.2 [2021/10/28 13:59] – [2021-10-10] connie | changelog_14.2 [2021/12/03 17:13] – [2021-10-28] connie | ||
|---|---|---|---|
| Line 2: | Line 2: | ||
| Slackware upstream ChangeLog entries are courtesy of Patrick Volkerding. | Slackware upstream ChangeLog entries are courtesy of Patrick Volkerding. | ||
| + | |||
| + | ==== 2021-12-03 ==== | ||
| + | |||
| + | **mozilla-nss-3.40.1**: | ||
| + | This update fixes a critical security issue: | ||
| + | NSS (Network Security Services) versions prior to 3.73 or 3.68.1 ESR are | ||
| + | vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS | ||
| + | signatures. Applications using NSS for handling signatures encoded within | ||
| + | CMS, S/MIME, PKCS #7, or PKCS #12 are likely to be impacted. Applications | ||
| + | using NSS for certificate validation or other TLS, X.509, OCSP or CRL | ||
| + | functionality may be impacted, depending on how they configure NSS. | ||
| + | Note: This vulnerability does NOT impact Mozilla Firefox. However, email | ||
| + | clients and PDF viewers that use NSS for signature verification, | ||
| + | Thunderbird, | ||
| + | Thanks to Tavis Ormandy of Google Project Zero. | ||
| + | For more information, | ||
| + | * https:// | ||
| + | * https:// | ||
| + | (**Security fix**) | ||
| + | |||
| + | **mailx-12.5**: | ||
| + | Patched a bug where Heirloom mailx produces a " | ||
| + | incorrect when the system is in the Europe/ | ||
| + | to have been sent 2 hours earlier). | ||
| + | Thanks to Andrea Biardi. | ||
| ==== 2021-10-28 ==== | ==== 2021-10-28 ==== | ||
changelog_14.2.txt · Last modified: 2023/12/23 13:40 by connie