78519384c7
* required by Firefox 69.0
New functions
* PK11_FindRawCertsWithSubject - Finds all certificates on the
given slot with the given subject distinguished name and returns
them as DER bytes. If no such certificates can be found, returns
SECSuccess and sets *results to NULL. If a failure is encountered
while fetching any of the matching certificates, SECFailure is
returned and *results will be NULL.
Notable changes
* bmo#1540403 - Implement Delegated Credentials
* bmo#1550579 - Replace ARM32 Curve25519 implementation with one
from fiat-crypto
* bmo#1551129 - Support static linking on Windows
* bmo#1552262 - Expose a function PK11_FindRawCertsWithSubject for
finding certificates with a given subject on a given slot
* bmo#1546229 - Add IPSEC IKE support to softoken
* bmo#1554616 - Add support for the Elbrus lcc compiler (<=1.23)
* bmo#1543874 - Expose an external clock for SSL
* bmo#1546477 - Various changes in response to the ongoing FIPS review
Certificate Authority Changes
* The following CA certificates were Removed:
bmo#1552374 - CN = Certinomis - Root CA
Bugs fixed
* bmo#1540541 - Don't unnecessarily strip leading 0's from key material
during PKCS11 import (CVE-2019-11719)
* bmo#1515342 - More thorough input checking (CVE-2019-11729)
* bmo#1552208 - Prohibit use of RSASSA-PKCS1-v1_5 algorithms in
TLS 1.3 (CVE-2019-11727)
* bmo#1227090 - Fix a potential divide-by-zero in makePfromQandSeed
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/mozilla-nss?expand=0&rev=287