LogoopenSUSE Build Service > Projects > mozilla:Factory > mozilla-nss > Revisions
Sign Up | Log In

Revision Log of mozilla-nss (215)

buildservice-autocommit accepted request 400680 about 2 months ago (revision 215)
baserev update by copy to link target
Wolfgang Rosenauer Wolfgang Rosenauer (wrosenauer) accepted request 400673 about 2 months ago (revision 214)
CVE-2016-1950 was already fixed in 3.22.3, add there.
Add CVE-2016-2834 to 3.23 section
Wolfgang Rosenauer Wolfgang Rosenauer (wrosenauer) committed about 2 months ago (revision 213)
Wolfgang Rosenauer Wolfgang Rosenauer (wrosenauer) committed 2 months ago (revision 212)
- update to NSS 3.23
  New functionality:
  * ChaCha20/Poly1305 cipher and TLS cipher suites now supported
  * Experimental-only support TLS 1.3 1-RTT mode (draft-11).
    This code is not ready for production use.
  New functions:
  * SSL_SetDowngradeCheckVersion - Set maximum version for new
    ServerRandom anti-downgrade mechanism. Clients that perform a
    version downgrade (which is generally a very bad idea) call this
    with the highest version number that they possibly support.
    This gives them access to the version downgrade protection from
    TLS 1.3.
  Notable changes:
  * The copy of SQLite shipped with NSS has been updated to version
    3.10.2
  * The list of TLS extensions sent in the TLS handshake has been
    reordered to increase compatibility of the Extended Master Secret
    with with servers
  * The build time environment variable NSS_ENABLE_ZLIB has been
    renamed to NSS_SSL_ENABLE_ZLIB
  * The build time environment variable NSS_DISABLE_CHACHAPOLY was
    added, which can be used to prevent compilation of the
    ChaCha20/Poly1305 code.
  * The following CA certificates were Removed
    - Staat der Nederlanden Root CA
    - NetLock Minositett Kozjegyzoi (Class QA) Tanusitvanykiado
    - NetLock Kozjegyzoi (Class A) Tanusitvanykiado
    - NetLock Uzleti (Class B) Tanusitvanykiado
    - NetLock Expressz (Class C) Tanusitvanykiado
    - VeriSign Class 1 Public PCA – G2
Wolfgang Rosenauer Wolfgang Rosenauer (wrosenauer) accepted request 390595 3 months ago (revision 211)
-  add nss_gcc6_change.patch
to avoid build error in https://build.opensuse.org/package/show/openSUSE:Factory:Staging:Gcc6/mozilla-nss
buildservice-autocommit accepted request 384318 4 months ago (revision 210)
baserev update by copy to link target
Wolfgang Rosenauer Wolfgang Rosenauer (wrosenauer) committed 4 months ago (revision 209)
- update to NSS 3.22.3
  * required for Firefox 46.0
  * Increase compatibility of TLS extended master secret,
    don't send an empty TLS extension last in the handshake
    (bmo#1243641)

- update to NSS 3.22.2
  New functionality:
  * RSA-PSS signatures are now supported (bmo#1215295)
  * Pseudorandom functions based on hashes other than SHA-1 are now supported
  * Enforce an External Policy on NSS from a config file (bmo#1009429)
  New functions:
  * PK11_SignWithMechanism - an extended version PK11_Sign()
  * PK11_VerifyWithMechanism - an extended version of PK11_Verify()
  * SSL_PeerSignedCertTimestamps - Get signed_certificate_timestamp
    TLS extension data
  * SSL_SetSignedCertTimestamps - Set signed_certificate_timestamp
    TLS extension data
  New types:
  * ssl_signed_cert_timestamp_xtn is added to SSLExtensionType
  * Constants for several object IDs are added to SECOidTag
  New macros:
  * SSL_ENABLE_SIGNED_CERT_TIMESTAMPS
  * NSS_USE_ALG_IN_SSL
  * NSS_USE_POLICY_IN_SSL
  * NSS_RSA_MIN_KEY_SIZE
  * NSS_DH_MIN_KEY_SIZE
  * NSS_DSA_MIN_KEY_SIZE
  * NSS_TLS_VERSION_MIN_POLICY
  * NSS_TLS_VERSION_MAX_POLICY
buildservice-autocommit accepted request 368766 4 months ago (revision 208)
baserev update by copy to link target
Wolfgang Rosenauer Wolfgang Rosenauer (wrosenauer) committed 5 months ago (revision 207)
- update to NSS 3.21.1 (bmo#969894)
  * MFSA 2016-35/CVE-2016-1950 (bmo#1245528)
    Buffer overflow during ASN.1 decoding in NSS
    (fixed by requiring 3.21.1)
  * MFSA 2016-36/CVE-2016-1979 (bmo#1185033)
    Use-after-free during processing of DER encoded keys in NSS
    (fixed by requiring 3.21.1)
Wolfgang Rosenauer Wolfgang Rosenauer (wrosenauer) committed 5 months ago (revision 206)
- update to NSS 3.21.1
  * required for Firefox 45.0
  * no upstream release notes available
buildservice-autocommit accepted request 356139 6 months ago (revision 205)
baserev update by copy to link target
Wolfgang Rosenauer Wolfgang Rosenauer (wrosenauer) committed 6 months ago (revision 204)
- added nss-bmo1236011.patch to fix compiler error (bmo#1236011)
- disabled testsuite as it currently breaks (bmo#1236340)
Wolfgang Rosenauer Wolfgang Rosenauer (wrosenauer) committed 6 months ago (revision 203)
- update to NSS 3.21
  * required for Firefox 44.0
  New functionality:
  * certutil now supports a --rename option to change a nickname (bmo#1142209)
  * TLS extended master secret extension (RFC 7627) is supported (bmo#1117022)
  * New info functions added for use during mid-handshake callbacks (bmo#1084669)
  New Functions:
  * NSS_OptionSet - sets NSS global options
  * NSS_OptionGet - gets the current value of NSS global options
  * SECMOD_CreateModuleEx - Create a new SECMODModule structure from module name
    string, module parameters string, NSS specific parameters string, and NSS
    configuration parameter string. The module represented by the module
    structure is not loaded. The difference with SECMOD_CreateModule is the new
    function handles NSS configuration parameter strings.
  * SSL_GetPreliminaryChannelInfo - obtains information about a TLS channel prior
    to the handshake being completed, for use with the callbacks that are invoked
    during the handshake
  * SSL_SignaturePrefSet - configures the enabled signature and hash algorithms
    for TLS
  * SSL_SignaturePrefGet - retrieves the currently configured signature and hash
    algorithms
  * SSL_SignatureMaxCount - obtains the maximum number signature algorithms that
    can be configured with SSL_SignaturePrefSet
  * NSSUTIL_ArgParseModuleSpecEx - takes a module spec and breaks it into shared
    library string, module name string, module parameters string, NSS specific
    parameters string, and NSS configuration parameter strings. The returned
    strings must be freed by the caller. The difference with
    NSS_ArgParseModuleSpec is the new function handles NSS configuration
    parameter strings.
  * NSSUTIL_MkModuleSpecEx - take a shared library string, module name string,
buildservice-autocommit accepted request 351733 7 months ago (revision 202)
baserev update by copy to link target
buildservice-autocommit accepted request 350520 7 months ago (revision 201)
baserev update by copy to link target
Wolfgang Rosenauer Wolfgang Rosenauer (wrosenauer) committed 7 months ago (revision 200)
  * MFSA 2015-150/CVE-2015-7575 (bmo#1158489)
    MD5 signatures accepted within TLS 1.2 ServerKeyExchange in
    server signature
Wolfgang Rosenauer Wolfgang Rosenauer (wrosenauer) committed 7 months ago (revision 199)
- update to NSS 3.20.2 (bnc#959888)
Wolfgang Rosenauer Wolfgang Rosenauer (wrosenauer) committed 7 months ago (revision 198)
- update to NSS 3.20.2
- update to NSS 3.20.1 (bnc#952810)
Wolfgang Rosenauer Wolfgang Rosenauer (wrosenauer) committed 7 months ago (revision 197)
- update to NSS 4.20.2
buildservice-autocommit accepted request 342323 9 months ago (revision 196)
baserev update by copy to link target

Show all