On Sun, Feb 28, 2010 at 03:45:06AM +0100, Christoph Anton Mitterer wrote:
> FYI: RFC 5746 provides the solution to the renegotiation security attack.
And it is planned for 3.12.6.
Mike
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble
FYI: RFC 5746 provides the solution to the renegotiation security attack.
Cheers,
Chris.
This message was sent using IMP, the Internet Messaging Program.
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with
Can you try after setting the NSS_SSL_ENABLE_RENEGOTIATION environment
variable to 1 ? (with nss 3.12.5-1, obviously).
Running iceweasel from a terminal using the following solved the issue
for me:
NSS_SSL_ENABLE_RENEGOTIATION=1 iceweasel
--
Oliver
--
To UNSUBSCRIBE, email to debian-bugs-
On Wed, Jan 06, 2010 at 01:29:13PM +0100, Olivier Berger wrote:
> On Wed, Dec 30, 2009 at 08:36:11AM +0100, Mike Hommey wrote:
> > On Tue, Dec 29, 2009 at 11:45:48PM +0100, Alexander Kurtz wrote:
> > > Hi,
> > >
> > > Since I didn't find a copy of libnss3-1d 3.12.4-1, I wanted to mention
> > > tha
On Wed, Dec 30, 2009 at 08:36:11AM +0100, Mike Hommey wrote:
> On Tue, Dec 29, 2009 at 11:45:48PM +0100, Alexander Kurtz wrote:
> > Hi,
> >
> > Since I didn't find a copy of libnss3-1d 3.12.4-1, I wanted to mention
> > that the lenny version[1] of libnss3-1d works without problems with
> > squeeze
On Tue, Dec 29, 2009 at 11:45:48PM +0100, Alexander Kurtz wrote:
> Hi,
>
> Since I didn't find a copy of libnss3-1d 3.12.4-1, I wanted to mention
> that the lenny version[1] of libnss3-1d works without problems with
> squeeze (and probably sid too) so using this version until this bug is
> fixed i
Hi,
Since I didn't find a copy of libnss3-1d 3.12.4-1, I wanted to mention
that the lenny version[1] of libnss3-1d works without problems with
squeeze (and probably sid too) so using this version until this bug is
fixed is easily possible.
Cheers
Alexander Kurtz
[1] http://packages.debian.org/l
On Tue, 2009-12-22 at 23:59 +0100, Mike Hommey wrote:
> This just confirms the diagnostic, which is that nss 3.12.5 disabled
> renegotiation because of CVE-2009-3555. Now, we need to decide how to
> allow client authentication without putting users too much at risk.
ok,.. I've already suspected thi
Hi Mike.
On Tue, 2009-12-22 at 19:37 +0100, Mike Hommey wrote:
> Can you try after setting the NSS_SSL_ENABLE_RENEGOTIATION environment
> variable to 1 ? (with nss 3.12.5-1, obviously).
Yes this "fixes" the problem.
Cheers,
Chris.
smime.p7s
Description: S/MIME cryptographic signature
On Tue, Dec 22, 2009 at 11:42:02PM +0100, Christoph Anton Mitterer wrote:
> Hi Mike.
>
> On Tue, 2009-12-22 at 19:37 +0100, Mike Hommey wrote:
> > Can you try after setting the NSS_SSL_ENABLE_RENEGOTIATION environment
> > variable to 1 ? (with nss 3.12.5-1, obviously).
> Yes this "fixes" the probl
Hello Mike,
On Tue, Dec 22, 2009 at 20:37, Mike Hommey wrote:
> On Mon, Dec 21, 2009 at 10:34:09AM +0100, Christoph Anton Mitterer wrote:
>> Package: libnss3-1d
>> Version: 3.12.5-1
>> Justification: renders package unusable
>> Severity: grave
>>
>> Hi.
>>
>> With the most recent version, client
On Mon, Dec 21, 2009 at 10:34:09AM +0100, Christoph Anton Mitterer wrote:
> Package: libnss3-1d
> Version: 3.12.5-1
> Justification: renders package unusable
> Severity: grave
>
> Hi.
>
> With the most recent version, client certificate authentication is broken.
> An error occurs even before icew
Package: libnss3-1d
Version: 3.12.5-1
Justification: renders package unusable
Severity: grave
Hi.
With the most recent version, client certificate authentication is broken.
An error occurs even before iceweasel, epiphany, etc. ask for the
certificate to select.
downgrading to 3.12.4-1 fixes t
13 matches
Mail list logo
