SUSE Security Update: Security update for Mozilla NSS ______________________________________________________________________________ Announcement ID: SUSE-SU-2011:1042-1 Rating: important References: #714931 Affected Products: SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Server 10 SP3 SUSE Linux Enterprise Desktop 10 SP4 SLE SDK 10 SP4 SLE SDK 10 SP3 ______________________________________________________________________________ An update that contains security fixes can now be installed. It includes four new package versions. Description: This update updates Mozilla NSS to 3.12.11. The update marks the compromised DigiNotar Certificate Authority as untrusted For more information read: MFSA 2011-34 <http://www.mozilla.org/security/announce/2011/mfsa2011-34.h tml> * update to 3.12.10 o root CA changes o filter certain bogus certs (bmo#642815) o fix minor memory leaks o other bugfixes * update to 3.12.9 o fix minor memory leaks (bmo#619268) o fix crash in nss_cms_decoder_work_data (bmo#607058) o fix crash in certutil (bmo#620908) o handle invalid argument in JPAKE (bmo#609068) o J-PAKE support (API requirement for Firefox >= 4.0b8) * replaced expired PayPal test certificate (fixing testsuite) * removed DigiNotar root certifiate from trusted db (bmo#682927) This update also brings the prerequired Mozilla NSPR to version 4.8.9. * update to 4.8.9 * update to 4.8.8 o support IPv6 on Android (bmo#626866) o use AI_ADDRCONFIG for loopback hostnames (bmo#614526) o support SDP sockets (bmo#518078) o support m32r architecture (bmo#635667) o use atomic functions on ARM (bmo#626309) o some other fixes not affecting the Linux platform Indications: Please install this update. Package List: - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64) [New Version: 1.9.2.22,3.12.11 and 4.8.9]: mozilla-nspr-4.8.9-1.5.8 mozilla-nspr-devel-4.8.9-1.5.8 mozilla-nss-3.12.11-3.7.1 mozilla-nss-devel-3.12.11-3.7.1 mozilla-nss-tools-3.12.11-3.7.1 mozilla-xulrunner192-1.9.2.22-0.5.1 mozilla-xulrunner192-gnome-1.9.2.22-0.5.1 mozilla-xulrunner192-translations-1.9.2.22-0.5.1 - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x) [New Version: 3.6.22]: MozillaFirefox-3.6.22-0.5.1 MozillaFirefox-translations-3.6.22-0.5.1 - SUSE Linux Enterprise Server 10 SP4 (s390x x86_64) [New Version: 1.9.2.22,3.12.11 and 4.8.9]: mozilla-nspr-32bit-4.8.9-1.5.8 mozilla-nss-32bit-3.12.11-3.7.1 mozilla-xulrunner192-32bit-1.9.2.22-0.5.1 mozilla-xulrunner192-gnome-32bit-1.9.2.22-0.5.1 mozilla-xulrunner192-translations-32bit-1.9.2.22-0.5.1 - SUSE Linux Enterprise Server 10 SP4 (ia64) [New Version: 3.12.11 and 4.8.9]: mozilla-nspr-x86-4.8.9-1.5.8 mozilla-nss-x86-3.12.11-3.7.1 - SUSE Linux Enterprise Server 10 SP4 (ppc) [New Version: 3.12.11 and 4.8.9]: mozilla-nspr-64bit-4.8.9-1.5.8 mozilla-nss-64bit-3.12.11-3.7.1 - SUSE Linux Enterprise Server 10 SP3 (i586 ia64 ppc s390x x86_64) [New Version: 1.9.2.22,3.12.11 and 4.8.9]: mozilla-nspr-4.8.9-1.5.8 mozilla-nspr-devel-4.8.9-1.5.8 mozilla-nss-3.12.11-3.7.1 mozilla-nss-devel-3.12.11-3.7.1 mozilla-nss-tools-3.12.11-3.7.1 mozilla-xulrunner192-1.9.2.22-0.5.1 mozilla-xulrunner192-gnome-1.9.2.22-0.5.1 mozilla-xulrunner192-translations-1.9.2.22-0.5.1 - SUSE Linux Enterprise Server 10 SP3 (i586 ia64 ppc s390x) [New Version: 3.6.22]: MozillaFirefox-3.6.22-0.5.1 MozillaFirefox-translations-3.6.22-0.5.1 - SUSE Linux Enterprise Server 10 SP3 (s390x x86_64) [New Version: 1.9.2.22,3.12.11 and 4.8.9]: mozilla-nspr-32bit-4.8.9-1.5.8 mozilla-nss-32bit-3.12.11-3.7.1 mozilla-xulrunner192-32bit-1.9.2.22-0.5.1 mozilla-xulrunner192-gnome-32bit-1.9.2.22-0.5.1 mozilla-xulrunner192-translations-32bit-1.9.2.22-0.5.1 - SUSE Linux Enterprise Server 10 SP3 (ia64) [New Version: 3.12.11 and 4.8.9]: mozilla-nspr-x86-4.8.9-1.5.8 mozilla-nss-x86-3.12.11-3.7.1 - SUSE Linux Enterprise Server 10 SP3 (ppc) [New Version: 3.12.11 and 4.8.9]: mozilla-nspr-64bit-4.8.9-1.5.8 mozilla-nss-64bit-3.12.11-3.7.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64) [New Version: 1.9.2.22,3.12.11 and 4.8.9]: mozilla-nspr-4.8.9-1.5.8 mozilla-nspr-devel-4.8.9-1.5.8 mozilla-nss-3.12.11-3.7.1 mozilla-nss-devel-3.12.11-3.7.1 mozilla-nss-tools-3.12.11-3.7.1 mozilla-xulrunner192-1.9.2.22-0.5.1 mozilla-xulrunner192-gnome-1.9.2.22-0.5.1 mozilla-xulrunner192-translations-1.9.2.22-0.5.1 - SUSE Linux Enterprise Desktop 10 SP4 (x86_64) [New Version: 1.9.2.22,3.12.11 and 4.8.9]: mozilla-nspr-32bit-4.8.9-1.5.8 mozilla-nss-32bit-3.12.11-3.7.1 mozilla-xulrunner192-32bit-1.9.2.22-0.5.1 mozilla-xulrunner192-gnome-32bit-1.9.2.22-0.5.1 mozilla-xulrunner192-translations-32bit-1.9.2.22-0.5.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586) [New Version: 3.6.22]: MozillaFirefox-3.6.22-0.5.1 MozillaFirefox-translations-3.6.22-0.5.1 - SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64) [New Version: 3.12.11]: mozilla-nss-tools-3.12.11-3.7.1 - SLE SDK 10 SP4 (i586 ia64 ppc s390x): MozillaFirefox-branding-upstream-3.6.22-0.5.1 - SLE SDK 10 SP3 (i586 ia64 ppc s390x x86_64) [New Version: 3.12.11]: mozilla-nss-tools-3.12.11-3.7.1 - SLE SDK 10 SP3 (i586 ia64 ppc s390x) [New Version: 3.6.22]: MozillaFirefox-branding-upstream-3.6.22-0.5.1 References: https://bugzilla.novell.com/714931 http://download.novell.com/patch/finder/?keywords=0cbbd57fe88e0d56f99e55b02c... http://download.novell.com/patch/finder/?keywords=0fa2d48df2a14d895b40a98986... http://download.novell.com/patch/finder/?keywords=60cc7c3ba5950c0ed48767065a... http://download.novell.com/patch/finder/?keywords=9ef69b89f3d89e966afa74994c... -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-security-announce+help@opensuse.org