59089d94de
* required by Firefox 63.0
Notable bug fixes
* NSS responded to an SSLv2-compatible ClientHello with a
ServerHello that had an all-zero random (CVE-2018-12384) (bmo#1483128)
New functionality
* The tstclnt and selfserv utilities added support for configuring
the enabled TLS signature schemes using the -J parameter.
* NSS will use RSA-PSS keys to authenticate in TLS. Support for
these keys is disabled by default but can be enabled using
SSL_SignatureSchemePrefSet().
* certutil added the ability to delete an orphan private key from
an NSS key database.
* Added the nss-policy-check utility, which can be used to check
an NSS policy configuration for problems.
* A PKCS#11 URI can be used as an identifier for a PKCS#11 token.
Notable changes
* The TLS 1.3 implementation uses the final version number from
RFC 8446.
* Previous versions of NSS accepted an RSA PKCS#1 v1.5 signature
where the DigestInfo structure was missing the NULL parameter.
Starting with version 3.39, NSS requires the encoding to contain
the NULL parameter.
* The tstclnt and selfserv test utilities no longer accept the -z
parameter, as support for TLS compression was removed in a
previous NSS version.
* The CA certificates list was updated to version 2.26.
* The following CA certificates were Added:
- OU = GlobalSign Root CA - R6
- CN = OISTE WISeKey Global Root GC CA
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/mozilla-nss?expand=0&rev=272
|
||
|---|---|---|
| .gitattributes | ||
| .gitignore | ||
| add-relro-linker-option.patch | ||
| baselibs.conf | ||
| bmo-1400603.patch | ||
| cert9.db | ||
| key4.db | ||
| malloc.patch | ||
| mozilla-nss-rpmlintrc | ||
| mozilla-nss.changes | ||
| mozilla-nss.spec | ||
| nss-3.39.tar.gz | ||
| nss-config.in | ||
| nss-disable-ocsp-test.patch | ||
| nss-no-rpath.patch | ||
| nss-opt.patch | ||
| nss-sqlitename.patch | ||
| nss.pc.in | ||
| pkcs11.txt | ||
| setup-nsssysinit.sh | ||
| system-nspr.patch | ||