| Description: | Network Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities.
The nss and nss-util packages have been upgraded to upstream versions 3.18, and the nspr packages have been upgraded to upstream version 4.10.8. The upgraded versions provide a number of bug fixes and enhancements over the previous versions. Notably, these upgrades allow users to upgrade to Mozilla Firefox 38 Extended Support Release. (BZ#1205064, BZ#1205065, BZ#1207052)
This update also fixes the following bugs:
Previously, a race condition in NSS in some cases caused heavily threaded applications, such as the ns-slapd daemon, to terminate unexpectedly when under load. This update fixes the underlying cause, and the described crash no longer occurs. (BZ#1182902)
When using version 3.16.1-4 of the nss packages, NSS returned different cipher suites than the prior versions of NSS. This caused certain applications that add external constraints to the cipher suites, such as the Lightweight Directory Access Protocol server (LDAPS), to fail. With this update, the cipher suites table in the /nss/lib/ssl/ssl3con.c file has been adjusted to be compatible with the previous version of NSS, and the affected applications now work as expected. (BZ#1202488)
Users of nss, nss-util, and nspr are advised to upgrade to these updated packages, which fix these bugs and add these enhancements.
|