pkgsrc.se | The NetBSD package collection

./devel/nss, Libraries to support development of security-enabled applications

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: pkgsrc-2015Q4, Version: 3.22, Package name: nss-3.22, Maintainer: pkgsrc-users

Network Security Services (NSS) is a set of libraries designed to support
cross-platform development of security-enabled server applications.
Applications built with NSS can support SSL v2 and v3, TLS, PKCS #5, PKCS #7,
PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other security
standards.

Required to run:
[databases/sqlite3] [devel/nspr]

Master sites: (Expand)

SHA1: 47e1b0f297eabe9965abde3f1c5baafdee513f84
RMD160: 79199bbf1706f8db6c07847cb72c0ea7cfae5efa
Filesize: 6828.464 KB

Version history: (Expand)

(2016-04-04) Updated to version: nss-3.22
(2016-01-02) Package added to pkgsrc.se, version nss-3.21 (created)

CVS history: (Expand)

2016-04-03 23:02:56 by S.P.Zeidler | Files touched by this commit (2) | Package updated

Log message:
Pullup ticket #4952 - requested by bsiegert
devel/nss: security update

Revisions pulled up:
- devel/nss/Makefile                                            1.106
- devel/nss/distinfo                                            1.55

-------------------------------------------------------------------
   Module Name:    pkgsrc
   Committed By:   ryoon
   Date:           Sat Feb  6 22:09:56 UTC 2016

   Modified Files:
           pkgsrc/devel/nss: Makefile distinfo

   Log message:
   Update to 3.22

   Changelog:
   The NSS team has released Network Security Services (NSS) 3.22,
   which is a minor release.

   New functionality:
   * RSA-PSS signatures are now supported (bug 1215295)
   * Pseudorandom functions based on hashes other than SHA-1 are now supported
   * Enforce an External Policy on NSS from a config file (bug 1009429)

   New Functions:
   * PK11_SignWithMechanism - an extended version PK11_Sign()
   * PK11_VerifyWithMechanism - an extended version of PK11_Verify()
   * SSL_PeerSignedCertTimestamps - Get signed_certificate_timestamp
     TLS extension data
   * SSL_SetSignedCertTimestamps - Set signed_certificate_timestamp
     TLS extension data

   New Types:
   * ssl_signed_cert_timestamp_xtn is added to SSLExtensionType
   * Constants for several object IDs are added to SECOidTag

   New Macros:
   * SSL_ENABLE_SIGNED_CERT_TIMESTAMPS
   * NSS_USE_ALG_IN_SSL
   * NSS_USE_POLICY_IN_SSL
   * NSS_RSA_MIN_KEY_SIZE
   * NSS_DH_MIN_KEY_SIZE
   * NSS_DSA_MIN_KEY_SIZE
   * NSS_TLS_VERSION_MIN_POLICY
   * NSS_TLS_VERSION_MAX_POLICY
   * NSS_DTLS_VERSION_MIN_POLICY
   * NSS_DTLS_VERSION_MAX_POLICY
   * CKP_PKCS5_PBKD2_HMAC_SHA224
   * CKP_PKCS5_PBKD2_HMAC_SHA256
   * CKP_PKCS5_PBKD2_HMAC_SHA384
   * CKP_PKCS5_PBKD2_HMAC_SHA512
   * CKP_PKCS5_PBKD2_HMAC_GOSTR3411 - (not supported)
   * CKP_PKCS5_PBKD2_HMAC_SHA512_224 - (not supported)
   * CKP_PKCS5_PBKD2_HMAC_SHA512_256 - (not supported)

   table Changes:
   * NSS C++ tests are built by default, requiring a C++11 compiler.
     Set the NSS_DISABLE_GTESTS variable to 1 to disable building these tests.

   The HG tag is NSS_3_22_RTM. NSS 3.22 requires NSPR 4.11 or newer.

   To generate a diff of this commit:
   cvs rdiff -u -r1.105 -r1.106 pkgsrc/devel/nss/Makefile
   cvs rdiff -u -r1.54 -r1.55 pkgsrc/devel/nss/distinfo