Description
the following security issues were fixed in mozilla-nss and
mozilla nspr:
- mozilla-nss:
+ update to 3.15.3 (bnc#850148)
* CERT_VerifyCert returns SECSuccess (saying
certificate is good) even for bad certificates, when the
CERTVerifyLog log parameter is given (bmo#910438)
* NSS advertises TLS 1.2 ciphersuites in a TLS 1.1
ClientHello (bmo#919677)
* fix CVE-2013-5605
- mozilla-nspr:
+ update to version 4.10.2 relevant changes:
* bmo#770534: possible pointer overflow in
PL_ArenaAllocate()
* bmo#888546: ptio.c:PR_ImportUDPSocket doesn't work