Recommended update for apache2-mod_nss

Announcement ID:	SUSE-RU-2018:0182-1
Rating:	low
References:	bsc#863035 bsc#993642 bsc#996282 bsc#998176 bsc#998180 bsc#998183
Affected Products:	SUSE Linux Enterprise High Performance Computing 12 SP2 SUSE Linux Enterprise High Performance Computing 12 SP3 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server for SAP Applications 12 SP2 SUSE Linux Enterprise Server for SAP Applications 12 SP3 SUSE Linux Enterprise Server for the Raspberry Pi 12-SP2

An update that has six fixes can now be installed.

Description:

This update for apache2-mod_nss provides the following fixes:

• bump up minimal NSS version to 3.25, because 3.24 breaks mod_nss because of SSLv2 changes (bsc#993642)
• rebuild against the recently updated NSS (3.29) adds support for SHA384 TLS ciphers (bsc#863035)
• remove deprecated NSSSessionCacheTimeout option from mod_nss.conf.in (bsc#998176)
• change ownership of the gencert generated NSS database so apache can read it (bsc#998180)
• use correct configuration path in mod_nss.conf.in (bsc#996282)
• remove %post migration code from the old alias directory
• generate dummy certificates if there aren't any in mod_nss.d (bsc#998183)

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

• SUSE Linux Enterprise Server for the Raspberry Pi 12-SP2
  zypper in -t patch SUSE-SLE-RPI-12-SP2-2018-131=1
• SUSE Linux Enterprise High Performance Computing 12 SP2
  zypper in -t patch SUSE-SLE-SERVER-12-SP2-2018-131=1
• SUSE Linux Enterprise Server 12 SP2
  zypper in -t patch SUSE-SLE-SERVER-12-SP2-2018-131=1
• SUSE Linux Enterprise Server for SAP Applications 12 SP2
  zypper in -t patch SUSE-SLE-SERVER-12-SP2-2018-131=1
• SUSE Linux Enterprise Server 12 SP3
  zypper in -t patch SUSE-SLE-SERVER-12-SP3-2018-131=1
• SUSE Linux Enterprise High Performance Computing 12 SP3
  zypper in -t patch SUSE-SLE-SERVER-12-SP3-2018-131=1
• SUSE Linux Enterprise Server for SAP Applications 12 SP3
  zypper in -t patch SUSE-SLE-SERVER-12-SP3-2018-131=1

Package List:

• SUSE Linux Enterprise Server for the Raspberry Pi 12-SP2 (aarch64)
  • apache2-mod_nss-debugsource-1.0.14-19.3.1
  • apache2-mod_nss-1.0.14-19.3.1
  • apache2-mod_nss-debuginfo-1.0.14-19.3.1
• SUSE Linux Enterprise High Performance Computing 12 SP2 (aarch64 x86_64)
  • apache2-mod_nss-debugsource-1.0.14-19.3.1
  • apache2-mod_nss-1.0.14-19.3.1
  • apache2-mod_nss-debuginfo-1.0.14-19.3.1
• SUSE Linux Enterprise Server 12 SP2 (aarch64 ppc64le s390x x86_64)
  • apache2-mod_nss-debugsource-1.0.14-19.3.1
  • apache2-mod_nss-1.0.14-19.3.1
  • apache2-mod_nss-debuginfo-1.0.14-19.3.1
• SUSE Linux Enterprise Server for SAP Applications 12 SP2 (ppc64le x86_64)
  • apache2-mod_nss-debugsource-1.0.14-19.3.1
  • apache2-mod_nss-1.0.14-19.3.1
  • apache2-mod_nss-debuginfo-1.0.14-19.3.1
• SUSE Linux Enterprise Server 12 SP3 (aarch64 ppc64le s390x x86_64)
  • apache2-mod_nss-debugsource-1.0.14-19.3.1
  • apache2-mod_nss-1.0.14-19.3.1
  • apache2-mod_nss-debuginfo-1.0.14-19.3.1
• SUSE Linux Enterprise High Performance Computing 12 SP3 (aarch64 x86_64)
  • apache2-mod_nss-debugsource-1.0.14-19.3.1
  • apache2-mod_nss-1.0.14-19.3.1
  • apache2-mod_nss-debuginfo-1.0.14-19.3.1
• SUSE Linux Enterprise Server for SAP Applications 12 SP3 (ppc64le x86_64)
  • apache2-mod_nss-debugsource-1.0.14-19.3.1
  • apache2-mod_nss-1.0.14-19.3.1
  • apache2-mod_nss-debuginfo-1.0.14-19.3.1

References:

• https://bugzilla.suse.com/show_bug.cgi?id=863035
• https://bugzilla.suse.com/show_bug.cgi?id=993642
• https://bugzilla.suse.com/show_bug.cgi?id=996282
• https://bugzilla.suse.com/show_bug.cgi?id=998176
• https://bugzilla.suse.com/show_bug.cgi?id=998180
• https://bugzilla.suse.com/show_bug.cgi?id=998183