[Oraclevm-errata] OVMSA-2018-0264 Moderate: Oracle VM 3.4 nss security update
Errata Announcements for Oracle VM
oraclevm-errata at oss.oracle.com
Wed Oct 10 11:10:50 PDT 2018
Oracle VM Security Advisory OVMSA-2018-0264
The following updated rpms for Oracle VM 3.4 have been uploaded to the
Unbreakable Linux Network:
x86_64:
nss-3.36.0-9.0.1.el6_10.x86_64.rpm
nss-sysinit-3.36.0-9.0.1.el6_10.x86_64.rpm
nss-tools-3.36.0-9.0.1.el6_10.x86_64.rpm
SRPMS:
http://oss.oracle.com/oraclevm/server/3.4/SRPMS-updates/nss-3.36.0-9.0.1.el6_10.src.rpm
Description of changes:
[3.36.0-9.0.1]
- Added nss-vendor.patch to change vendor
- Temporarily disable some tests until expired PayPalEE.cert is renewed
[3.36.0-9]
- Backport upstream fix for CVE-2018-12384
- Remove nss-lockcert-api-change.patch, which turned out to be a
mistake (the symbol was not exported from libnss)
[3.36.0-8]
- Restore CERT_LockCertTrust and CERT_UnlockCertTrust back in cert.h
[3.36.0-7]
- rebuild
[3.36.0-6]
- Keep legacy code signing trust flags for backwards compatibility
[3.36.0-5]
- Decrease the iteration count of PKCS#12 for compatibility with Windows
- Fix deadlock when a token is re-inserted while a client process is running
[3.36.0-4]
- Ignore tests which only works with newer nss-softokn
[3.36.0-3]
- Use the correct tarball of NSS 3.36 release
- Ignore EncryptDeriveTest which only works with newer nss-softokn
[3.36.0-2]
- Don't skip non-FIPS and ECC test cases in ssl.sh
[3.36.0-1]
- Rebase to NSS 3.36.0
[3.36.0-0.1.beta]
- Rebase to NSS 3.36.0 BETA
- Remove upstreamed nss-is-token-present-race.patch
- Revert the upstream changes that default to sql database
[3.34.0-3]
- Replace race.patch and nss-3.16-token-init-race.patch with
a proper upstream fix
[3.34.0-2]
- Don't restrict nss_cycles to sharedb
[3.34.0-1]
- Rebase to NSS 3.34.0
More information about the Oraclevm-errata
mailing list