Security fix for CVE-2015-4000
Update to the upstream NSS 3.19.1 release, which includes a fix for the recently published logjam attack.
The previous 3.19 release made several notable changes related to the TLS protocol, one of them was to disable the SSL 3 protocol by default.
For the full list of changes in the 3.19 and 3.19.1 releases, please refer to the upstream release notes documents:
sudo dnf upgrade --advisory=FEDORA-2015-9130
|submitted||4 years ago|
|in testing||4 years ago|
|in stable||4 years ago|
|modified||4 years ago|
|0||0||#1214732 nss-3.19.1 is available|
|0||0||#1223211 CVE-2015-4000 LOGJAM: TLS connections which support export grade DHE key-exchange are vulnerable to MITM attacks|
|0||0||#1224448 CVE-2015-4000 nss: LOGJAM: TLS connections which support export grade DHE key-exchange are vulnerable to MITM attacks [fedora-all]|