Recommended update for apache2-mod_nss

SUSE Recommended Update: Recommended update for apache2-mod_nss
Announcement ID: SUSE-RU-2018:0304-1
Rating: low
References: #863035 #993642 #996282 #998176 #998180 #998183
Affected Products:
  • SUSE Linux Enterprise Server 11-SP4
  • SUSE Linux Enterprise Debuginfo 11-SP4

  • An update that has 6 recommended fixes can now be installed.


    This update for apache2-mod_nss fixes the following issues:

    - Change minimum required NSS version to 3.25, as 3.24 breaks mod_nss
    because of SSLv2 changes. (bsc#993642)
    - Rebuild against the recently updated NSS (3.29) adding support for
    SHA384 TLS ciphers. (bsc#863035)
    - Remove deprecated NSSSessionCacheTimeout option from
    - Change the ownership of the gencert generated NSS database so apache can
    read it. (bsc#998180)
    - Fix configuration paths in to point to correct
    locations. (bsc#996282)
    - Generate dummy certificates if there are none in mod_nss.d. (bsc#998183)

    Patch Instructions:

    To install this SUSE Recommended Update use YaST online_update.
    Alternatively you can run the command listed for your product:

    • SUSE Linux Enterprise Server 11-SP4:
      zypper in -t patch slessp4-apache2-mod_nss-13452=1
    • SUSE Linux Enterprise Debuginfo 11-SP4:
      zypper in -t patch dbgsp4-apache2-mod_nss-13452=1

    To bring your system up-to-date, use "zypper patch".

    Package List:

    • SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64):
      • apache2-mod_nss-1.0.14-
    • SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64):
      • apache2-mod_nss-debuginfo-1.0.14-
      • apache2-mod_nss-debugsource-1.0.14-