Recommended update for apache2-mod_nss

SUSE Recommended Update: Recommended update for apache2-mod_nss

---

Announcement ID:	SUSE-RU-2018:0304-1
Rating:	low
References:	#863035 #993642 #996282 #998176 #998180 #998183
Affected Products:	SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4

---

An update that has 6 recommended fixes can now be installed.

Description:

This update for apache2-mod_nss fixes the following issues:

- Change minimum required NSS version to 3.25, as 3.24 breaks mod_nss
because of SSLv2 changes. (bsc#993642)
- Rebuild against the recently updated NSS (3.29) adding support for
SHA384 TLS ciphers. (bsc#863035)
- Remove deprecated NSSSessionCacheTimeout option from mod_nss.conf.in.
(bsc#998176)
- Change the ownership of the gencert generated NSS database so apache can
read it. (bsc#998180)
- Fix configuration paths in mod_nss.conf.in to point to correct
locations. (bsc#996282)
- Generate dummy certificates if there are none in mod_nss.d. (bsc#998183)

Patch Instructions:

To install this SUSE Recommended Update use YaST online_update.
Alternatively you can run the command listed for your product:

• SUSE Linux Enterprise Server 11-SP4:
  zypper in -t patch slessp4-apache2-mod_nss-13452=1
• SUSE Linux Enterprise Debuginfo 11-SP4:
  zypper in -t patch dbgsp4-apache2-mod_nss-13452=1

To bring your system up-to-date, use "zypper patch".

Package List:

• SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64):
  • apache2-mod_nss-1.0.14-0.4.26.5.1
• SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64):
  • apache2-mod_nss-debuginfo-1.0.14-0.4.26.5.1
  • apache2-mod_nss-debugsource-1.0.14-0.4.26.5.1

References:

• https://bugzilla.suse.com/863035
• https://bugzilla.suse.com/993642
• https://bugzilla.suse.com/996282
• https://bugzilla.suse.com/998176
• https://bugzilla.suse.com/998180
• https://bugzilla.suse.com/998183