This bug was fixed in the package nss - 2:3.48-1ubuntu1
---------------
nss (2:3.48-1ubuntu1) focal; urgency=low
* Merge from Debian unstable. Remaining changes:
- d/libnss3.links: make freebl3 available as library (LP #1744328)
- d/control: add dh-exec to Build-Depends
- d/rules: make mkdir tolerate debian/tmp existing (due to dh-exec)
- Disable reading fips_enabled flag in FIPS mode. libnss is
not a FIPS certified library. (LP #1837734)
* Set TLSv1.2 as minimum TLS version. LP: #1856428
nss (2:3.48-1) unstable; urgency=medium
* New upstream release. Closes: #947131.
* debian/control: Bump nspr build dependency to 4.24.
* nss/lib/freebl/Makefile: Disable hardware AES on ARM softfloat to fix
FTBFS on armel. Closes: #947246.
nss (2:3.47.1-1) unstable; urgency=medium
* New upstream release.
- Fixes CVE-2019-11745.
-- Ubuntu Merge-o-Matic <m...@ubuntu.com> Sun, 29 Dec 2019 03:43:36
+0000
** Changed in: nss (Ubuntu)
Status: Fix Committed => Fix Released
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-11745
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to nss in Ubuntu.
https://bugs.launchpad.net/bugs/1856428
Title:
Disable TLS below 1.2 by default
Status in gnutls28 package in Ubuntu:
Fix Committed
Status in golang-1.13 package in Ubuntu:
New
Status in nss package in Ubuntu:
Fix Released
Status in openssl package in Ubuntu:
Fix Committed
Bug description:
Disable TLS 1.0, TLS1.1, DTLS1.0
As part of focal commitment, we shall disable obsolete protocols by
default.
Users can override this behaviour with a config file.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gnutls28/+bug/1856428/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
