./emulators/suse131_mozilla-nss, Linux compatibility package for Mozilla NSS

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 13.1nb6, Package name: suse_mozilla-nss-13.1nb6, Maintainer: pkgsrc-users

Linux compatibility package based on the openSUSE Linux distribution.
Please visit http://www.opensuse.org/ for more information about openSUSE
Linux.

This package supports running ELF binaries linked with glibc2 that
require Mozilla Network Security Services shared libraries.


Required to run:
[emulators/suse131_mozilla-nspr]

Master sites:


Version history: (Expand)


CVS history: (Expand)


   2016-06-17 19:21:39 by Izumi Tsutsui | Files touched by this commit (26) | Package updated
Log message:
Update more RPMs from Suse 13.1.
   2015-11-03 21:31:11 by Alistair G. Crooks | Files touched by this commit (211)
Log message:
Add SHA512 digests for distfiles for emulators category

Problems found with existing digests:
	Package suse131_libSDL
	1c4d17a53bece6243cb3e6dd11c36d50f851a4f4 [recorded]
	da39a3ee5e6b4b0d3255bfef95601890afd80709 [calculated]
	Package suse131_libdbus
	de99fcfa8e2c7ced28caf38c24d217d6037aaa56 [recorded]
	da39a3ee5e6b4b0d3255bfef95601890afd80709 [calculated]
	Package suse131_qt4
	94daff738912c96ed8878ce1a131cd49fb379206 [recorded]
	886206018431aee9f8a01e1fb7e46973e8dca9d9 [calculated]

Problems found locating distfiles for atari800, compat12, compat 13,
compat14, compat15, compat20, compat30, compat40, compat50,
compat50-x11, compat51, compat51-x11, compat60, compat61,
compat61-x11, fmsx, osf1_lib, vice, xbeeb, xm7.

Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden).  All existing
SHA1 digests retained for now as an audit trail.
   2015-07-28 10:49:16 by Thomas Klausner | Files touched by this commit (42) | Package updated
Log message:
Update RPMs from latest openSUSE 13.1 files.
From Rin Okuyama in PR 50082.
   2015-02-16 11:15:50 by Jonathan Perkin | Files touched by this commit (92)
Log message:
Put back PKGNAME definitions.
   2015-02-11 10:38:19 by OBATA Akio | Files touched by this commit (92)
Log message:
Revert
 define PKGNAME instead of fake DISTNAME
PKGNAME is unstable variable in current pkgsrc framework, so packages must not
rely on it.
   2014-11-03 09:28:08 by OBATA Akio | Files touched by this commit (2) | Package updated
Log message:
Apply following updates to suse131_mozilla-nss, bump PKGREVISION to 4.

==============================================================================
   openSUSE Security Update: MozillaFirefox to Firefox 32
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2014:1099-1
Rating:             moderate
References:         #894201 #894370
Cross-References:   CVE-2014-1553 CVE-2014-1562 CVE-2014-1563
                    CVE-2014-1564 CVE-2014-1565 CVE-2014-1567

Affected Products:
                    openSUSE 13.1
                    openSUSE 12.3
______________________________________________________________________________

   An update that fixes 6 vulnerabilities is now available.

Description:
 ...
   Mozilla NSS was updated to 3.16.4: Notable Changes:
   * The following 1024-bit root CA certificate was restored to allow more
     time to develop a better transition strategy for affected sites. It was
     removed in NSS 3.16.3, but discussion in the mozilla.dev.security.policy
     forum led to the decision to keep this root included longer in order to
     give website administrators more time to update their web servers.
       - CN = GTE CyberTrust Global Root
   * In NSS 3.16.3, the 1024-bit "Entrust.net Secure Server Certification
     Authority" root CA certificate was removed. In NSS 3.16.4, a 2048-bit
     intermediate CA certificate has been included, without explicit trust.
     The intention is to mitigate the effects of the previous removal of the
     1024-bit Entrust.net root certificate, because many public Internet
     sites still use the "USERTrust Legacy Secure Server CA" intermediate
     certificate that is signed by the 1024-bit Entrust.net root certificate.
     The inclusion of the intermediate certificate is a temporary measure to
     allow those sites to function, by allowing them to find a trust path to
     another 2048-bit root CA certificate. The temporarily included
     intermediate certificate expires November 1, 2015.

==============================================================================
   openSUSE Security Update: mozilla-nss: update to avoid signature forgery
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2014:1232-1
Rating:             critical
References:         #897890
Cross-References:   CVE-2014-1568
Affected Products:
                    openSUSE 13.1
                    openSUSE 12.3
______________________________________________________________________________

   An update that fixes one vulnerability is now available.

Description:

   Mozilla NSS is vulnerable to a variant of a signature forgery attack
   previously published by Daniel Bleichenbacher. This is due to lenient
   parsing of ASN.1 values involved in a signature and could lead to the
   forging of RSA certificates.

==============================================================================
   openSUSE Security Update: update for firefox, mozilla-nspr, mozilla-nss and \ 
seamonkey
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2014:1345-1
Rating:             moderate
References:         #894370 #896624 #897890 #900941 #901213
Cross-References:   CVE-2014-1554 CVE-2014-1574 CVE-2014-1575
                    CVE-2014-1576 CVE-2014-1577 CVE-2014-1578
                    CVE-2014-1580 CVE-2014-1581 CVE-2014-1582
                    CVE-2014-1583 CVE-2014-1584 CVE-2014-1585
                    CVE-2014-1586
Affected Products:
                    openSUSE 13.1
______________________________________________________________________________

   An update that fixes 13 vulnerabilities is now available.

Description:
 ...
   Changes in mozilla-nss:
   - update to 3.17.1 (bnc#897890)
     * Change library's signature algorithm default to SHA256
     * Add support for draft-ietf-tls-downgrade-scsv
     * Add clang-cl support to the NSS build system
     * Implement TLS 1.3:
       * Part 1. Negotiate TLS 1.3
       * Part 2. Remove deprecated cipher suites andcompression.
     * Add support for little-endian powerpc64

   - update to 3.17
     * required for Firefox 33 New functionality:
     * When using ECDHE, the TLS server code may be configured to generate a
       fresh ephemeral ECDH key for each handshake, by setting the
       SSL_REUSE_SERVER_ECDHE_KEY socket option to PR_FALSE. The
       SSL_REUSE_SERVER_ECDHE_KEY option defaults to PR_TRUE, which means the
       server's ephemeral ECDH key is reused for multiple handshakes. This
       option does not affect the TLS client code, which always generates a
       fresh ephemeral ECDH key for each handshake. New Macros
     * SSL_REUSE_SERVER_ECDHE_KEY Notable Changes:
     * The manual pages for the certutil and pp tools have been updated to
       document the new parameters that had been added in NSS 3.16.2.
     * On Windows, the new build variable USE_STATIC_RTL can be used to
       specify the static C runtime library should be used. By default the
       dynamic C runtime library is used.
   2014-09-07 14:26:44 by OBATA Akio | Files touched by this commit (88)
Log message:
define PKGNAME instead of fake DISTNAME.
   2014-08-01 11:28:47 by OBATA Akio | Files touched by this commit (2) | Package updated
Log message:
Appy openSUSE-SU-2014:0939-1, fixes CVE-2014-1544.

Bump PKGREVISION.