Network Security Services
Network Security Services (NSS) is a set of libraries designed to
support cross-platform development of security-enabled server
applications. Applications built with NSS can support SSL v2 and v3,
TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3
certificates, and other security standards.
- Developed at mozilla:Factory
- Sources inherited from project openSUSE:Factory
-
8
derived packages
- Download package
-
Checkout Package
osc -A https://api.opensuse.org checkout openSUSE:Backports:SLE-15-SP4:SLECandidates/mozilla-nss && cd $_ - Create Badge
Refresh
Refresh
Source Files
| Filename | Size | Changed |
|---|---|---|
| add-relro-linker-option.patch | 0000000433 433 Bytes | |
| baselibs.conf | 0000000319 319 Bytes | |
| bmo-1400603.patch | 0000012934 12.6 KB | |
| cert9.db | 0000009216 9 KB | |
| key4.db | 0000011264 11 KB | |
| malloc.patch | 0000000300 300 Bytes | |
| mozilla-nss-rpmlintrc | 0000000187 187 Bytes | |
| mozilla-nss.changes | 0000100400 98 KB | |
| mozilla-nss.spec | 0000012849 12.5 KB | |
| nss-3.39.tar.gz | 0023048561 22 MB | |
| nss-config.in | 0000002408 2.35 KB | |
| nss-disable-ocsp-test.patch | 0000000465 465 Bytes | |
| nss-no-rpath.patch | 0000001040 1.02 KB | |
| nss-opt.patch | 0000000739 739 Bytes | |
| nss-sqlitename.patch | 0000000891 891 Bytes | |
| nss.pc.in | 0000000250 250 Bytes | |
| pkcs11.txt | 0000000450 450 Bytes | |
| setup-nsssysinit.sh | 0000001255 1.23 KB | |
| system-nspr.patch | 0000000793 793 Bytes |
Revision 140 (latest revision is 217)
Dominique Leuenberger (dimstar_suse)
accepted
request 644083
from
Wolfgang Rosenauer (wrosenauer)
(revision 140)
in preparation of Firefox 63
- update to NSS 3.39
* required by Firefox 63.0
Notable bug fixes
* NSS responded to an SSLv2-compatible ClientHello with a
ServerHello that had an all-zero random (CVE-2018-12384) (bmo#1483128)
New functionality
* The tstclnt and selfserv utilities added support for configuring
the enabled TLS signature schemes using the -J parameter.
* NSS will use RSA-PSS keys to authenticate in TLS. Support for
these keys is disabled by default but can be enabled using
SSL_SignatureSchemePrefSet().
* certutil added the ability to delete an orphan private key from
an NSS key database.
* Added the nss-policy-check utility, which can be used to check
an NSS policy configuration for problems.
* A PKCS#11 URI can be used as an identifier for a PKCS#11 token.
Notable changes
* The TLS 1.3 implementation uses the final version number from
RFC 8446.
* Previous versions of NSS accepted an RSA PKCS#1 v1.5 signature
where the DigestInfo structure was missing the NULL parameter.
Starting with version 3.39, NSS requires the encoding to contain
the NULL parameter.
* The tstclnt and selfserv test utilities no longer accept the -z
parameter, as support for TLS compression was removed in a
previous NSS version.
* The CA certificates list was updated to version 2.26.
* The following CA certificates were Added:
- OU = GlobalSign Root CA - R6
- CN = OISTE WISeKey Global Root GC CA
Comments 0