Bug#542784: New upstream version available (2.0.0.23)
Mike Hommey
mh at glandium.org
Fri Aug 21 18:03:36 UTC 2009
On Fri, Aug 21, 2009 at 01:25:23PM +0200, Alexander Sack wrote:
> reassign 542784 nss
> thanks
>
> That bug needs to be fixed in nss (with more fixes because of
> blackhat); we updated nss to 3.12.3.1 in ubuntu everywhere as we
> believe that it's better to not do manual-cherry-picking for security
> sensitive software like nss.
>
> I would suggest the same for debian, but i am not nss maintainer
> so thats beyond my powers ...
Technically, as you are part of the team, you also are a nss maintainer.
> if glandium or security team wants me to prepare such an update, I
> could do that after my vacation (will be back on 1st sep).
FWIW, the changes between 3.12.3 which we already have in squeeze and
3.12.3.1 are:
- Additional root certs
- Fix for windows startup time (the infamous IE temporary files reading
stuff)
- Removal of the CAPI module from the build
- Avoid calling RNG_SystemInfoForRNG twice at startup
In other words, squeeze is already ok.
As for Lenny, the security team is on it.
Mike
More information about the pkg-mozilla-maintainers
mailing list