Overview
Request 223809 accepted
- update to 3.15.5
* required for Firefox 28
* export FREEBL_LOWHASH to get the correct default headers
(bnc#865539)
New functionality
* Added support for the TLS application layer protocol negotiation
(ALPN) extension. Two SSL socket options, SSL_ENABLE_NPN and
SSL_ENABLE_ALPN, can be used to control whether NPN or ALPN (or both)
should be used for application layer protocol negotiation.
* Added the TLS padding extension. The extension type value is 35655,
which may change when an official extension type value is assigned
by IANA. NSS automatically adds the padding extension to ClientHello
when necessary.
* Added a new macro CERT_LIST_TAIL, defined in certt.h, for getting
the tail of a CERTCertList.
Notable Changes
* bmo#950129: Improve the OCSP fetching policy when verifying OCSP
responses
* bmo#949060: Validate the iov input argument (an array of PRIOVec
structures) of ssl_WriteV (called via PR_Writev). Applications should
still take care when converting struct iov to PRIOVec because the
iov_len members of the two structures have different types
(size_t vs. int). size_t is unsigned and may be larger than int.
- BuildRequire mozilla-nspr >= 4.9
- Created by wrosenauer
- In state accepted
Request History
wrosenauer created request
- update to 3.15.5
* required for Firefox 28
* export FREEBL_LOWHASH to get the correct default headers
(bnc#865539)
New functionality
* Added support for the TLS application layer protocol negotiation
(ALPN) extension. Two SSL socket options, SSL_ENABLE_NPN and
SSL_ENABLE_ALPN, can be used to control whether NPN or ALPN (or both)
should be used for application layer protocol negotiation.
* Added the TLS padding extension. The extension type value is 35655,
which may change when an official extension type value is assigned
by IANA. NSS automatically adds the padding extension to ClientHello
when necessary.
* Added a new macro CERT_LIST_TAIL, defined in certt.h, for getting
the tail of a CERTCertList.
Notable Changes
* bmo#950129: Improve the OCSP fetching policy when verifying OCSP
responses
* bmo#949060: Validate the iov input argument (an array of PRIOVec
structures) of ssl_WriteV (called via PR_Writev). Applications should
still take care when converting struct iov to PRIOVec because the
iov_len members of the two structures have different types
(size_t vs. int). size_t is unsigned and may be larger than int.
- BuildRequire mozilla-nspr >= 4.9
factory-auto added a reviewer
Pick Staging Project
factory-auto added a reviewer
Please review sources
factory-auto added a reviewer
Please review build success
factory-auto accepted review
Check script succeeded
licensedigger accepted review
{"approve": "preliminary, version number changed"}
factory-repo-checker accepted review
Builds for repo openSUSE_Factory
coolo added a reviewer
Being evaluated by staging project "openSUSE:Factory:Staging:C"
coolo accepted review
dimstar accepted review
ok
coolo accepted review
coolo approved review
coolo accepted request
Accept to factory