[Touch-packages] [Bug 1423031] Re: NSS incorrectly preferring a longer, weaker chain over a shorter, stronger chain
** Changed in: nss (Debian) Status: Confirmed => Fix Released -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to nss in Ubuntu. https://bugs.launchpad.net/bugs/1423031 Title: NSS incorrectly preferring a longer, weaker chain over a shorter, stronger chain Status in nss package in Ubuntu: Fix Released Status in nss source package in Lucid: Fix Released Status in nss source package in Precise: Fix Released Status in nss source package in Trusty: Fix Released Status in nss source package in Utopic: Fix Released Status in nss source package in Vivid: Fix Released Status in nss package in Debian: Fix Released Bug description: See: https://code.google.com/p/chromium/issues/detail?id=437733 and https://code.google.com/p/chromium/issues/detail?id=459131 This issue is fixed in upstream libnss3 version >= 3.17.4 This issue causes incorrect SHA1 sunset behaviour in Google Chrome. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/nss/+bug/1423031/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1423031] Re: NSS incorrectly preferring a longer, weaker chain over a shorter, stronger chain
tested on Ubuntu 14.04 , great it fixed the problem! Thanks -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to nss in Ubuntu. https://bugs.launchpad.net/bugs/1423031 Title: NSS incorrectly preferring a longer, weaker chain over a shorter, stronger chain Status in nss package in Ubuntu: Fix Released Status in nss source package in Lucid: Fix Released Status in nss source package in Precise: Fix Released Status in nss source package in Trusty: Fix Released Status in nss source package in Utopic: Fix Released Status in nss source package in Vivid: Fix Released Status in nss package in Debian: Confirmed Bug description: See: https://code.google.com/p/chromium/issues/detail?id=437733 and https://code.google.com/p/chromium/issues/detail?id=459131 This issue is fixed in upstream libnss3 version >= 3.17.4 This issue causes incorrect SHA1 sunset behaviour in Google Chrome. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/nss/+bug/1423031/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1423031] Re: NSS incorrectly preferring a longer, weaker chain over a shorter, stronger chain
** Information type changed from Public to Public Security -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to nss in Ubuntu. https://bugs.launchpad.net/bugs/1423031 Title: NSS incorrectly preferring a longer, weaker chain over a shorter, stronger chain Status in nss package in Ubuntu: Fix Released Status in nss source package in Lucid: Fix Released Status in nss source package in Precise: Fix Released Status in nss source package in Trusty: Fix Released Status in nss source package in Utopic: Fix Released Status in nss source package in Vivid: Fix Released Status in nss package in Debian: Confirmed Bug description: See: https://code.google.com/p/chromium/issues/detail?id=437733 and https://code.google.com/p/chromium/issues/detail?id=459131 This issue is fixed in upstream libnss3 version >= 3.17.4 This issue causes incorrect SHA1 sunset behaviour in Google Chrome. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/nss/+bug/1423031/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1423031] Re: NSS incorrectly preferring a longer, weaker chain over a shorter, stronger chain
** CVE removed: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2014-1569 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to nss in Ubuntu. https://bugs.launchpad.net/bugs/1423031 Title: NSS incorrectly preferring a longer, weaker chain over a shorter, stronger chain Status in nss package in Ubuntu: Fix Released Status in nss source package in Lucid: Fix Released Status in nss source package in Precise: Fix Released Status in nss source package in Trusty: Fix Released Status in nss source package in Utopic: Fix Released Status in nss source package in Vivid: Fix Released Status in nss package in Debian: Confirmed Bug description: See: https://code.google.com/p/chromium/issues/detail?id=437733 and https://code.google.com/p/chromium/issues/detail?id=459131 This issue is fixed in upstream libnss3 version >= 3.17.4 This issue causes incorrect SHA1 sunset behaviour in Google Chrome. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/nss/+bug/1423031/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1423031] Re: NSS incorrectly preferring a longer, weaker chain over a shorter, stronger chain
Tested on Trusty and confirmed fixed. Thanks. - Google Chrome 40.0.2214.115-1 - libnss3 2:3.17.4-0ubuntu0.14.04.1 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to nss in Ubuntu. https://bugs.launchpad.net/bugs/1423031 Title: NSS incorrectly preferring a longer, weaker chain over a shorter, stronger chain Status in nss package in Ubuntu: Fix Released Status in nss source package in Lucid: Fix Released Status in nss source package in Precise: Fix Released Status in nss source package in Trusty: Fix Released Status in nss source package in Utopic: Fix Released Status in nss source package in Vivid: Fix Released Status in nss package in Debian: Confirmed Bug description: See: https://code.google.com/p/chromium/issues/detail?id=437733 and https://code.google.com/p/chromium/issues/detail?id=459131 This issue is fixed in upstream libnss3 version >= 3.17.4 This issue causes incorrect SHA1 sunset behaviour in Google Chrome. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/nss/+bug/1423031/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1423031] Re: NSS incorrectly preferring a longer, weaker chain over a shorter, stronger chain
This bug was fixed in the package nss - 3.17.4-0ubuntu0.12.04.1 --- nss (3.17.4-0ubuntu0.12.04.1) precise-security; urgency=medium * SECURITY UPDATE: update to upstream 3.17.4 to get new CA certificate bundle, and to fix incorrect SHA-1 behaviour. (LP: #1423031) * Removed unneeded patches: - debian/patches/CVE-2014-1569.patch: included upstream. -- Marc DeslauriersThu, 19 Feb 2015 07:45:59 -0500 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to nss in Ubuntu. https://bugs.launchpad.net/bugs/1423031 Title: NSS incorrectly preferring a longer, weaker chain over a shorter, stronger chain Status in nss package in Ubuntu: Fix Released Status in nss source package in Lucid: Fix Released Status in nss source package in Precise: Fix Released Status in nss source package in Trusty: Fix Released Status in nss source package in Utopic: Fix Released Status in nss source package in Vivid: Fix Released Status in nss package in Debian: Confirmed Bug description: See: https://code.google.com/p/chromium/issues/detail?id=437733 and https://code.google.com/p/chromium/issues/detail?id=459131 This issue is fixed in upstream libnss3 version >= 3.17.4 This issue causes incorrect SHA1 sunset behaviour in Google Chrome. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/nss/+bug/1423031/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1423031] Re: NSS incorrectly preferring a longer, weaker chain over a shorter, stronger chain
This bug was fixed in the package nss - 2:3.17.4-0ubuntu0.14.10.1 --- nss (2:3.17.4-0ubuntu0.14.10.1) utopic-security; urgency=medium * SECURITY UPDATE: update to upstream 3.17.4 to get new CA certificate bundle, and to fix incorrect SHA-1 behaviour. (LP: #1423031) * Removed unneeded patches: - debian/patches/CVE-2014-1569.patch: included upstream. -- Marc DeslauriersThu, 19 Feb 2015 07:41:50 -0500 ** Changed in: nss (Ubuntu Utopic) Status: Confirmed => Fix Released ** Changed in: nss (Ubuntu Precise) Status: Confirmed => Fix Released -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to nss in Ubuntu. https://bugs.launchpad.net/bugs/1423031 Title: NSS incorrectly preferring a longer, weaker chain over a shorter, stronger chain Status in nss package in Ubuntu: Fix Released Status in nss source package in Lucid: Fix Released Status in nss source package in Precise: Fix Released Status in nss source package in Trusty: Fix Released Status in nss source package in Utopic: Fix Released Status in nss source package in Vivid: Fix Released Status in nss package in Debian: Confirmed Bug description: See: https://code.google.com/p/chromium/issues/detail?id=437733 and https://code.google.com/p/chromium/issues/detail?id=459131 This issue is fixed in upstream libnss3 version >= 3.17.4 This issue causes incorrect SHA1 sunset behaviour in Google Chrome. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/nss/+bug/1423031/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1423031] Re: NSS incorrectly preferring a longer, weaker chain over a shorter, stronger chain
This bug was fixed in the package nss - 2:3.17.4-0ubuntu0.14.04.1 --- nss (2:3.17.4-0ubuntu0.14.04.1) trusty-security; urgency=medium * SECURITY UPDATE: update to upstream 3.17.4 to get new CA certificate bundle, and to fix incorrect SHA-1 behaviour. (LP: #1423031) * Removed unneeded patches: - debian/patches/CVE-2014-1569.patch: included upstream. -- Marc DeslauriersThu, 19 Feb 2015 07:44:05 -0500 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to nss in Ubuntu. https://bugs.launchpad.net/bugs/1423031 Title: NSS incorrectly preferring a longer, weaker chain over a shorter, stronger chain Status in nss package in Ubuntu: Fix Released Status in nss source package in Lucid: Fix Released Status in nss source package in Precise: Fix Released Status in nss source package in Trusty: Fix Released Status in nss source package in Utopic: Fix Released Status in nss source package in Vivid: Fix Released Status in nss package in Debian: Confirmed Bug description: See: https://code.google.com/p/chromium/issues/detail?id=437733 and https://code.google.com/p/chromium/issues/detail?id=459131 This issue is fixed in upstream libnss3 version >= 3.17.4 This issue causes incorrect SHA1 sunset behaviour in Google Chrome. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/nss/+bug/1423031/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1423031] Re: NSS incorrectly preferring a longer, weaker chain over a shorter, stronger chain
This bug was fixed in the package nss - 3.17.4-0ubuntu0.10.04.1 --- nss (3.17.4-0ubuntu0.10.04.1) lucid-security; urgency=medium * SECURITY UPDATE: update to upstream 3.17.4 to get new CA certificate bundle, and to fix incorrect SHA-1 behaviour. (LP: #1423031) * Removed unneeded patches: - debian/patches/CVE-2014-1569.patch: included upstream. -- Marc DeslauriersThu, 19 Feb 2015 07:48:44 -0500 ** Changed in: nss (Ubuntu Lucid) Status: Confirmed => Fix Released ** Changed in: nss (Ubuntu Trusty) Status: Confirmed => Fix Released -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to nss in Ubuntu. https://bugs.launchpad.net/bugs/1423031 Title: NSS incorrectly preferring a longer, weaker chain over a shorter, stronger chain Status in nss package in Ubuntu: Fix Released Status in nss source package in Lucid: Fix Released Status in nss source package in Precise: Fix Released Status in nss source package in Trusty: Fix Released Status in nss source package in Utopic: Fix Released Status in nss source package in Vivid: Fix Released Status in nss package in Debian: Confirmed Bug description: See: https://code.google.com/p/chromium/issues/detail?id=437733 and https://code.google.com/p/chromium/issues/detail?id=459131 This issue is fixed in upstream libnss3 version >= 3.17.4 This issue causes incorrect SHA1 sunset behaviour in Google Chrome. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/nss/+bug/1423031/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1423031] Re: NSS incorrectly preferring a longer, weaker chain over a shorter, stronger chain
This bug was fixed in the package nss - 2:3.17.4-0ubuntu1 --- nss (2:3.17.4-0ubuntu1) vivid; urgency=medium * SECURITY UPDATE: update to upstream 3.17.4 to get new CA certificate bundle, and to fix incorrect SHA-1 behaviour. (LP: #1423031) * Removed unneeded patches: - debian/patches/98_CVE-2014-1569.patch: included upstream. -- Marc DeslauriersThu, 19 Feb 2015 07:32:50 -0500 ** Changed in: nss (Ubuntu Vivid) Status: Confirmed => Fix Released ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2014-1569 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to nss in Ubuntu. https://bugs.launchpad.net/bugs/1423031 Title: NSS incorrectly preferring a longer, weaker chain over a shorter, stronger chain Status in nss package in Ubuntu: Fix Released Status in nss source package in Lucid: Confirmed Status in nss source package in Precise: Confirmed Status in nss source package in Trusty: Confirmed Status in nss source package in Utopic: Confirmed Status in nss source package in Vivid: Fix Released Status in nss package in Debian: Confirmed Bug description: See: https://code.google.com/p/chromium/issues/detail?id=437733 and https://code.google.com/p/chromium/issues/detail?id=459131 This issue is fixed in upstream libnss3 version >= 3.17.4 This issue causes incorrect SHA1 sunset behaviour in Google Chrome. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/nss/+bug/1423031/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1423031] Re: NSS incorrectly preferring a longer, weaker chain over a shorter, stronger chain
** Also affects: nss (Ubuntu Lucid) Importance: Undecided Status: New ** Also affects: nss (Ubuntu Vivid) Importance: Undecided Status: Confirmed ** Also affects: nss (Ubuntu Precise) Importance: Undecided Status: New ** Also affects: nss (Ubuntu Utopic) Importance: Undecided Status: New ** Also affects: nss (Ubuntu Trusty) Importance: Undecided Status: New ** Changed in: nss (Ubuntu Vivid) Assignee: (unassigned) => Marc Deslauriers (mdeslaur) ** Changed in: nss (Ubuntu Utopic) Assignee: (unassigned) => Marc Deslauriers (mdeslaur) ** Changed in: nss (Ubuntu Trusty) Assignee: (unassigned) => Marc Deslauriers (mdeslaur) ** Changed in: nss (Ubuntu Precise) Assignee: (unassigned) => Marc Deslauriers (mdeslaur) ** Changed in: nss (Ubuntu Lucid) Assignee: (unassigned) => Marc Deslauriers (mdeslaur) ** Changed in: nss (Ubuntu Lucid) Status: New => Confirmed ** Changed in: nss (Ubuntu Precise) Status: New => Confirmed ** Changed in: nss (Ubuntu Trusty) Status: New => Confirmed ** Changed in: nss (Ubuntu Utopic) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to nss in Ubuntu. https://bugs.launchpad.net/bugs/1423031 Title: NSS incorrectly preferring a longer, weaker chain over a shorter, stronger chain Status in nss package in Ubuntu: Confirmed Status in nss source package in Lucid: Confirmed Status in nss source package in Precise: Confirmed Status in nss source package in Trusty: Confirmed Status in nss source package in Utopic: Confirmed Status in nss source package in Vivid: Confirmed Status in nss package in Debian: Confirmed Bug description: See: https://code.google.com/p/chromium/issues/detail?id=437733 and https://code.google.com/p/chromium/issues/detail?id=459131 This issue is fixed in upstream libnss3 version >= 3.17.4 This issue causes incorrect SHA1 sunset behaviour in Google Chrome. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/nss/+bug/1423031/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1423031] Re: NSS incorrectly preferring a longer, weaker chain over a shorter, stronger chain
Please get this fixed, chrome 41 will get out soon and its deprecating sha1 ssl. This library has to be updated! Thanls -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to nss in Ubuntu. https://bugs.launchpad.net/bugs/1423031 Title: NSS incorrectly preferring a longer, weaker chain over a shorter, stronger chain Status in nss package in Ubuntu: Confirmed Status in nss package in Debian: Confirmed Bug description: See: https://code.google.com/p/chromium/issues/detail?id=437733 and https://code.google.com/p/chromium/issues/detail?id=459131 This issue is fixed in upstream libnss3 version >= 3.17.4 This issue causes incorrect SHA1 sunset behaviour in Google Chrome. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/nss/+bug/1423031/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1423031] Re: NSS incorrectly preferring a longer, weaker chain over a shorter, stronger chain
** Changed in: nss (Debian) Status: Unknown => Confirmed -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to nss in Ubuntu. https://bugs.launchpad.net/bugs/1423031 Title: NSS incorrectly preferring a longer, weaker chain over a shorter, stronger chain Status in nss package in Ubuntu: Confirmed Status in nss package in Debian: Confirmed Bug description: See: https://code.google.com/p/chromium/issues/detail?id=437733 and https://code.google.com/p/chromium/issues/detail?id=459131 This issue is fixed in upstream libnss3 version >= 3.17.4 This issue causes incorrect SHA1 sunset behaviour in Google Chrome. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/nss/+bug/1423031/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1423031] Re: NSS incorrectly preferring a longer, weaker chain over a shorter, stronger chain
Status changed to 'Confirmed' because the bug affects multiple users. ** Changed in: nss (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to nss in Ubuntu. https://bugs.launchpad.net/bugs/1423031 Title: NSS incorrectly preferring a longer, weaker chain over a shorter, stronger chain Status in nss package in Ubuntu: Confirmed Status in nss package in Debian: Unknown Bug description: See: https://code.google.com/p/chromium/issues/detail?id=437733 and https://code.google.com/p/chromium/issues/detail?id=459131 This issue is fixed in upstream libnss3 version >= 3.17.4 This issue causes incorrect SHA1 sunset behaviour in Google Chrome. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/nss/+bug/1423031/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1423031] Re: NSS incorrectly preferring a longer, weaker chain over a shorter, stronger chain
** Bug watch added: Debian Bug tracker #774195 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774195 ** Also affects: nss (Debian) via http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774195 Importance: Unknown Status: Unknown -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to nss in Ubuntu. https://bugs.launchpad.net/bugs/1423031 Title: NSS incorrectly preferring a longer, weaker chain over a shorter, stronger chain Status in nss package in Ubuntu: New Status in nss package in Debian: Unknown Bug description: See: https://code.google.com/p/chromium/issues/detail?id=437733 and https://code.google.com/p/chromium/issues/detail?id=459131 This issue is fixed in upstream libnss3 version >= 3.17.4 This issue causes incorrect SHA1 sunset behaviour in Google Chrome. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/nss/+bug/1423031/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp