nss update for jessie
Salvatore Bonaccorso
carnil at debian.org
Wed Oct 5 06:28:01 UTC 2016
Hi Florian,
Sorry for the delay, was stuck on investigating CVE-2016-7117.
On Tue, Oct 04, 2016 at 11:35:54PM +0200, Florian Weimer wrote:
> * Moritz Mühlenhoff:
>
> > On Mon, Oct 03, 2016 at 10:00:59PM +0200, Florian Weimer wrote:
> >> * Florian Weimer:
> >>
> >> > Here are the untested nspr bits:
> >> >
> >> > <https://people.debian.org/~fw/nss-201610/>
> >> >
> >> > I'll add the nss bits later and test them together (with mod_nss for
> >> > Apache httpd, and hopefully I can find a Debian NSS client, too).
> >>
> >> I've added my nss build as well. I have not yet tested it.
> >
> > My tests with chromium and openjdk went all fine.
>
> My limited test with libapache2-mod-nss went well as well. Although
> mod_nss is quite painful to set up, and it has a hard-coded cipher
> list in the configuration file (it does not appear to be possible to
> import the NSS defaults). This means that users won't get benefits
> such as GCM modes or ECDHE key agreement.
>
> I'll hopefully be able to release DSA tomorrow, after Salvatore
> reported back on his testing.
I grabbed the packages from security-master, installed it on a jessie
workstation and did some quick tests with chromium. I realized that I
do not have any other revelvant packages installed there with
appropraite dependencies though (set apart flashplugin-nonfree, but I
do not know how nss is used there).
So not much of testing-relevance on my side, sorry.
So if you are happy go ahead!
Regards,
Salvatore
More information about the pkg-mozilla-maintainers
mailing list