Overview Repositories Revisions Requests Users Attributes Meta

Revisions of mozilla-nss

Wolfgang Rosenauer's avatar Wolfgang Rosenauer (wrosenauer) committed (revision 209) 
- update to NSS 3.22.3
  * required for Firefox 46.0
  * Increase compatibility of TLS extended master secret,
    don't send an empty TLS extension last in the handshake
    (bmo#1243641)

- update to NSS 3.22.2
  New functionality:
  * RSA-PSS signatures are now supported (bmo#1215295)
  * Pseudorandom functions based on hashes other than SHA-1 are now supported
  * Enforce an External Policy on NSS from a config file (bmo#1009429)
  New functions:
  * PK11_SignWithMechanism - an extended version PK11_Sign()
  * PK11_VerifyWithMechanism - an extended version of PK11_Verify()
  * SSL_PeerSignedCertTimestamps - Get signed_certificate_timestamp
    TLS extension data
  * SSL_SetSignedCertTimestamps - Set signed_certificate_timestamp
    TLS extension data
  New types:
  * ssl_signed_cert_timestamp_xtn is added to SSLExtensionType
  * Constants for several object IDs are added to SECOidTag
  New macros:
  * SSL_ENABLE_SIGNED_CERT_TIMESTAMPS
  * NSS_USE_ALG_IN_SSL
  * NSS_USE_POLICY_IN_SSL
  * NSS_RSA_MIN_KEY_SIZE
  * NSS_DH_MIN_KEY_SIZE
  * NSS_DSA_MIN_KEY_SIZE
  * NSS_TLS_VERSION_MIN_POLICY
  * NSS_TLS_VERSION_MAX_POLICY
buildservice-autocommit accepted request 368766 from Wolfgang Rosenauer's avatar Wolfgang Rosenauer (wrosenauer) (revision 208) 
baserev update by copy to link target
Wolfgang Rosenauer's avatar Wolfgang Rosenauer (wrosenauer) committed (revision 207) 
- update to NSS 3.21.1 (bmo#969894)
  * MFSA 2016-35/CVE-2016-1950 (bmo#1245528)
    Buffer overflow during ASN.1 decoding in NSS
    (fixed by requiring 3.21.1)
  * MFSA 2016-36/CVE-2016-1979 (bmo#1185033)
    Use-after-free during processing of DER encoded keys in NSS
    (fixed by requiring 3.21.1)
Wolfgang Rosenauer's avatar Wolfgang Rosenauer (wrosenauer) committed (revision 206) 
- update to NSS 3.21.1
  * required for Firefox 45.0
  * no upstream release notes available
buildservice-autocommit accepted request 356139 from Wolfgang Rosenauer's avatar Wolfgang Rosenauer (wrosenauer) (revision 205) 
baserev update by copy to link target
Wolfgang Rosenauer's avatar Wolfgang Rosenauer (wrosenauer) committed (revision 204) 
- added nss-bmo1236011.patch to fix compiler error (bmo#1236011)
- disabled testsuite as it currently breaks (bmo#1236340)
Wolfgang Rosenauer's avatar Wolfgang Rosenauer (wrosenauer) committed (revision 203) 
- update to NSS 3.21
  * required for Firefox 44.0
  New functionality:
  * certutil now supports a --rename option to change a nickname (bmo#1142209)
  * TLS extended master secret extension (RFC 7627) is supported (bmo#1117022)
  * New info functions added for use during mid-handshake callbacks (bmo#1084669)
  New Functions:
  * NSS_OptionSet - sets NSS global options
  * NSS_OptionGet - gets the current value of NSS global options
  * SECMOD_CreateModuleEx - Create a new SECMODModule structure from module name
    string, module parameters string, NSS specific parameters string, and NSS
    configuration parameter string. The module represented by the module
    structure is not loaded. The difference with SECMOD_CreateModule is the new
    function handles NSS configuration parameter strings.
  * SSL_GetPreliminaryChannelInfo - obtains information about a TLS channel prior
    to the handshake being completed, for use with the callbacks that are invoked
    during the handshake
  * SSL_SignaturePrefSet - configures the enabled signature and hash algorithms
    for TLS
  * SSL_SignaturePrefGet - retrieves the currently configured signature and hash
    algorithms
  * SSL_SignatureMaxCount - obtains the maximum number signature algorithms that
    can be configured with SSL_SignaturePrefSet
  * NSSUTIL_ArgParseModuleSpecEx - takes a module spec and breaks it into shared
    library string, module name string, module parameters string, NSS specific
    parameters string, and NSS configuration parameter strings. The returned
    strings must be freed by the caller. The difference with
    NSS_ArgParseModuleSpec is the new function handles NSS configuration
    parameter strings.
  * NSSUTIL_MkModuleSpecEx - take a shared library string, module name string,
buildservice-autocommit accepted request 351733 from Factory Maintainer's avatar Factory Maintainer (factory-maintainer) (revision 202) 
baserev update by copy to link target
buildservice-autocommit accepted request 350520 from Wolfgang Rosenauer's avatar Wolfgang Rosenauer (wrosenauer) (revision 201) 
baserev update by copy to link target
Wolfgang Rosenauer's avatar Wolfgang Rosenauer (wrosenauer) committed (revision 200) 
  * MFSA 2015-150/CVE-2015-7575 (bmo#1158489)
    MD5 signatures accepted within TLS 1.2 ServerKeyExchange in
    server signature
Wolfgang Rosenauer's avatar Wolfgang Rosenauer (wrosenauer) committed (revision 199) 
- update to NSS 3.20.2 (bnc#959888)
Wolfgang Rosenauer's avatar Wolfgang Rosenauer (wrosenauer) committed (revision 198) 
- update to NSS 3.20.2
- update to NSS 3.20.1 (bnc#952810)
Wolfgang Rosenauer's avatar Wolfgang Rosenauer (wrosenauer) committed (revision 197) 
- update to NSS 4.20.2
buildservice-autocommit accepted request 342323 from Wolfgang Rosenauer's avatar Wolfgang Rosenauer (wrosenauer) (revision 196) 
baserev update by copy to link target
Wolfgang Rosenauer's avatar Wolfgang Rosenauer (wrosenauer) committed (revision 195) 
- update to NSS 4.20.1 (bnc#952810)
Wolfgang Rosenauer's avatar Wolfgang Rosenauer (wrosenauer) committed (revision 194) 
  * MFSA 2015-133/CVE-2015-7181/CVE-2015-7182 (bmo#1192028, bmo#1202868)
    memory corruption issues
Wolfgang Rosenauer's avatar Wolfgang Rosenauer (wrosenauer) committed (revision 193) 
- update to NSS 4.20.1
  * requires NSPR 4.10.10
buildservice-autocommit accepted request 335620 from Factory Maintainer's avatar Factory Maintainer (factory-maintainer) (revision 192) 
baserev update by copy to link target
Wolfgang Rosenauer's avatar Wolfgang Rosenauer (wrosenauer) accepted request 333502 from Fridrich Strba's avatar Fridrich Strba (fstrba) (revision 191) 
Distribute libfreebl.a along other static libraries. It is needed for java 7 Sun Elliptical Curve Crypto provider
Wolfgang Rosenauer's avatar Wolfgang Rosenauer (wrosenauer) committed (revision 190) 
- update to NSS 3.20
  New functionality:
  * The TLS library has been extended to support DHE ciphersuites in
    server applications.
  New Functions:
  * SSL_DHEGroupPrefSet - Configure the set of allowed/enabled DHE group
    parameters that can be used by NSS for a server socket.
  * SSL_EnableWeakDHEPrimeGroup - Enable the use of weak DHE group
    parameters that are smaller than the library default's minimum size.
  New Types:
  * SSLDHEGroupType - Enumerates the set of DHE parameters embedded in
    NSS that can be used with function SSL_DHEGroupPrefSet.
  New Macros:
  * SSL_ENABLE_SERVER_DHE - A socket option user to enable or disable
    DHE ciphersuites for a server socket.
  Notable Changes:
  * For backwards compatibility reasons, the server side implementation
    of the TLS library keeps all DHE ciphersuites disabled by default.
    They can be enabled with the new socket option SSL_ENABLE_SERVER_DHE
    and the SSL_OptionSet or the SSL_OptionSetDefault API.
  * The server side implementation of the TLS implementation does not
    support session tickets when using a DHE ciphersuite (see bmo#1174677).
  * Support for the following ciphersuites has been added:
    - TLS_DHE_DSS_WITH_AES_128_GCM_SHA256
    - TLS_DHE_DSS_WITH_AES_128_CBC_SHA256
    - TLS_DHE_DSS_WITH_AES_256_CBC_SHA256
  * By default, the server side TLS implementation will use DHE
    parameters with a size of 2048 bits when using DHE ciphersuites.
  * NSS embeds fixed DHE parameters sized 2048, 3072, 4096, 6144 and
    8192 bits, which were copied from version 08 of the Internet-Draft
Displaying revisions 241 - 260 of 449
openSUSE Build Service is sponsored by
Places