nss should use transitional scheme for renegotiation
Bug #553251 reported by
Jamie Strandboge
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
nss (Ubuntu) |
Fix Released
|
High
|
Chris Coulson | ||
Lucid |
Fix Released
|
High
|
Chris Coulson |
Bug Description
3.12.6-0ubuntu1 in Ubuntu includes a fix for CVE-2009-3555, however it uses strict checking which breaks clients connecting to unpatched servers. This is http://
Related branches
Changed in nss (Ubuntu): | |
importance: | Undecided → High |
milestone: | none → ubuntu-10.04-beta-2 |
status: | New → In Progress |
assignee: | nobody → Chris Coulson (chrisccoulson) |
Changed in nss (Ubuntu Lucid): | |
status: | In Progress → Fix Committed |
To post a comment you must log in.
Why isn't Firefox (from mozilla.org) affected by this issue? Trunk Minefield uses NSS 3.12.6.2, and I haven't heard any problems similar to this...