Fedora 21 Security Update: nss-3.19.1-1.0.fc21,nss-softokn-3.19.1-1.0.fc21,nss-util-3.19.1-1.0.fc21

Resolved Bugs
1224448 – CVE-2015-4000 nss: LOGJAM: TLS connections which support export grade DHE key-exchange are vulnerable to MITM attacks [fedora-all]
1214732 – nss-3.19.1 is available
1223211 – CVE-2015-4000 LOGJAM: TLS connections which support export grade DHE key-exchange are vulnerable to MITM attacks<br
Security fix for CVE-2015-4000
Update to the upstream NSS 3.19.1 release, which includes a fix for the recently published logjam attack.
The previous 3.19 release made several notable changes related to the TLS protocol, one of them was to disable the SSL 3 protocol by default.
For the full list of changes in the 3.19 and 3.19.1 releases, please refer to the upstream release notes documents:
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19.1_release_notes
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19_release_notes

Leave a Reply