-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
FESCo met today to address the NSS BEAST patch that left all software using NSS vulnerable to the BEAST[0] vulnerability. The decision was made to implement the patch that fixes this vulnerablity in F19 and F20. There are some programs that may have difficulties with this fix. While the fix will go in as soon as possible the change in F19 will not be applied until some testing has been completed.
Information on this fix is in Bugzilla[1]. If your package depends on NSS you should definitely test this patch before it goes live in order to determine if it breaks functionality (information on the BZ ticket on how to disable the fix if needed).
[0] https://en.wikipedia.org/wiki/BEAST_%28computer_security%29#BEAST_attack [1] https://bugzilla.mozilla.org/show_bug.cgi?id=665814
- -- Eric
- -------------------------------------------------- Eric "Sparks" Christensen Fedora Project
sparks@fedoraproject.org - sparks@redhat.com 097C 82C3 52DF C64A 50C2 E3A3 8076 ABDE 024B B3D1 - --------------------------------------------------
devel-announce@lists.fedoraproject.org