rpm/apache2-mod_nss
SHA256
1
0
Fork 0
forked from pool/apache2-mod_nss
Code Pull Requests Activity
6 Commits 1 Branch 0 Tags 396 KiB
1d3e419a19
Commit Graph

5 Commits

Author SHA256 Message Date
Wolfgang Rosenauer
1d3e419a19 Accepting request 222758 from home:draht:branches:mozilla:Factory 
- mod_nss-cipherlist_update_for_tls12-doc.diff
  mod_nss-cipherlist_update_for_tls12.diff
  GCM mode and Camellia ciphers added to the supported ciphers list.
  The additional ciphers are: 
  rsa_aes_128_gcm_sha == TLS_RSA_WITH_AES_128_GCM_SHA256
  rsa_camellia_128_sha == TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
  rsa_camellia_256_sha == TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
  ecdh_ecdsa_aes_128_gcm_sha == TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
  ecdhe_ecdsa_aes_128_gcm_sha == TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
  ecdh_rsa_aes_128_gcm_sha == TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
  ecdhe_rsa_aes_128_gcm_sha == TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
  [bnc#863035]

- mod_nss-CVE-2013-4566-NSSVerifyClient.diff fixes CVE-2013-4566:
  If 'NSSVerifyClient none' is set in the server / vhost context
  (i.e. when server is configured to not request or require client
  certificate authentication on the initial connection), and client
  certificate authentication is expected to be required for a 
  specific directory via 'NSSVerifyClient require' setting, 
  mod_nss fails to properly require certificate authentication.
  Remote attacker can use this to access content of the restricted
  directories. [bnc#853039]

- glue documentation added to /etc/apache2/conf.d/mod_nss.conf:
  * simultaneaous usage of mod_ssl and mod_nss
  * SNI concurrency
  * SUSE framework for apache configuration, Listen directive
  * module initialization
- mod_nss-conf.patch obsoleted by scratch-version of nss.conf.in
  or mod_nss.conf, respectively. This also leads to the removal of

OBS-URL: https://build.opensuse.org/request/show/222758
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/apache2-mod_nss?expand=0&rev=8
 2014-02-20 21:12:44 +00:00
Wolfgang Rosenauer
4b69663a7b Accepting request 186032 from home:msmeissn:branches:mozilla:Factory 
- mod_nss-tlsv1_1.patch: nss.conf.in missed for TLSv1.2 default.
- mod_nss-clientauth.patch: merged from RHEL6 pkg
- mod_nss-PK11_ListCerts_2.patch: merged from RHEL6 pkg
- mod_nss-no_shutdown_if_not_init_2.patch: merged from RHEL6 pkg
- mod_nss-sslmultiproxy.patch: merged from RHEL6 pkg
- make it build on both Apache2 2.4 and 2.2 systems

OBS-URL: https://build.opensuse.org/request/show/186032
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/apache2-mod_nss?expand=0&rev=6
 2013-08-06 09:34:39 +00:00
Wolfgang Rosenauer
0b43549e36 Accepting request 185495 from home:msmeissn:branches:mozilla:Factory 
- Add support for TLS v1.1 and TLS v1.2 
  (TLS v1.2 requires mozilla nss 3.15.1 or newer.)
  - merged in mod_nss-proxyvariables.patch and mod_nss-tlsv1_1.patch
    from redhat to allow tls v1.1 too.
  - ported the tls v1.1 patch to be tls v1.2 aware
  - added mod_nss-proxyvariables.patch (from RHEL6 package)
  - added mod_nss-tlsv1_1.patch (from RHEL6 package, enhanced with TLS 1.2)
- mod_nss-array_overrun.patch: from RHEL6 package, fixed a array index overrun

OBS-URL: https://build.opensuse.org/request/show/185495
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/apache2-mod_nss?expand=0&rev=4
 2013-08-01 17:01:22 +00:00
Wolfgang Rosenauer
09ef64b431 Accepting request 182915 from home:aeneas_jaissle:branches:mozilla:Factory 
- Changed source to original tar.gz

OBS-URL: https://build.opensuse.org/request/show/182915
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/apache2-mod_nss?expand=0&rev=2
 2013-07-12 11:45:55 +00:00
Wolfgang Rosenauer
347dafaa45 osc copypac from project:mozilla package:apache2-mod_nss revision:4 
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/apache2-mod_nss?expand=0&rev=1
 2013-07-11 16:44:28 +00:00