Commit Graph

2 Commits

Author SHA256 Message Date
Wolfgang Rosenauer
f6aa3fb9fb - update to NSS 3.57
* The following CA certificates were Added:
    bmo#1663049 - CN=Trustwave Global Certification Authority
        SHA-256 Fingerprint: 97552015F5DDFC3C8788C006944555408894450084F100867086BC1A2BB58DC8
    bmo#1663049 - CN=Trustwave Global ECC P256 Certification Authority
        SHA-256 Fingerprint: 945BBC825EA554F489D1FD51A73DDF2EA624AC7019A05205225C22A78CCFA8B4
    bmo#1663049 - CN=Trustwave Global ECC P384 Certification Authority
        SHA-256 Fingerprint: 55903859C8C0C3EBB8759ECE4E2557225FF5758BBD38EBD48276601E1BD58097
  * The following CA certificates were Removed:
    bmo#1651211 - CN=EE Certification Centre Root CA
        SHA-256 Fingerprint: 3E84BA4342908516E77573C0992F0979CA084E4685681FF195CCBA8A229B8A76
    bmo#1656077 - O=Government Root Certification Authority; C=TW
        SHA-256 Fingerprint: 7600295EEFE85B9E1FD624DB76062AAAAE59818A54D2774CD4C0B2C01131E1B3
  * Trust settings for the following CA certificates were Modified:
    bmo#1653092 - CN=OISTE WISeKey Global Root GA CA
        Websites (server authentication) trust bit removed.
  * https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.57_release_notes
- requires NSPR 4.29
- removed obsolete nss-freebl-fix-aarch64.patch (bmo#1659256)
- introduced _constraints due to high memory requirements especially
  for LTO on Tumbleweed

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/mozilla-nss?expand=0&rev=337
2020-10-07 08:15:55 +00:00
Wolfgang Rosenauer
194c062b5d - add FIPS mode patches from SLE stream
nss-fips-aes-keywrap-post.patch
  nss-fips-approved-crypto-non-ec.patch
  nss-fips-cavs-dsa-fixes.patch
  nss-fips-cavs-general.patch
  nss-fips-cavs-kas-ecc.patch
  nss-fips-cavs-kas-ffc.patch
  nss-fips-cavs-keywrap.patch
  nss-fips-cavs-rsa-fixes.patch
  nss-fips-combined-hash-sign-dsa-ecdsa.patch
  nss-fips-constructor-self-tests.patch
  nss-fips-detect-fips-mode-fixes.patch
  nss-fips-dsa-kat.patch
  nss-fips-gcm-ctr.patch
  nss-fips-pairwise-consistency-check.patch
  nss-fips-rsa-keygen-strictness.patch
  nss-fips-tls-allow-md5-prf.patch
  nss-fips-use-getrandom.patch
  nss-fips-use-strong-random-pool.patch
  nss-fips-zeroization.patch
  nss-fix-dh-pkcs-derive-inverted-logic.patch

- update to NSS 3.53.1
  * required for Firefox 78
  * CVE-2020-12402 - Use constant-time GCD and modular inversion in MPI.
    (bmo#1631597, bsc#1173032)

- update to NSS 3.53
  Notable changes
  * SEED is now moved into a new freebl directory freebl/deprecated

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/mozilla-nss?expand=0&rev=326
2020-06-27 21:18:50 +00:00