Log message:
nss: interim NetBSD/aarch64 build fix

Log message:
nss: delete patch hunk which should no longer be necessary

Log message:
Recursive revision bump after textproc/icu update

Log message:
nss: Add -lrt for sem_wait(3) on NetBSD

* Fix build under NetBSD/amd64-current with binutils 2.34.

Log message:
nss: Update to 3.51

Changelog:
Notable Changes in NSS 3.51

* Updated DTLS 1.3 implementation to Draft-34. See Bug 1608892 for details.

Bugs fixed in NSS 3.51

* Bug 1608892 - Update DTLS 1.3 implementation to draft-34.
* Bug 1611209 - Correct swapped PKCS11 values of CKM_AES_CMAC and
CKM_AES_CMAC_GENERAL
* Bug 1612259 - Complete integration of Wycheproof ECDH test cases
* Bug 1614183 - Check if PPC __has_include(<sys/auxv.h>)
* Bug 1614786 - Fix a compilation error for ‘getFIPSEnv’ "defined but not
used"
* Bug 1615208 - Send DTLS version numbers in DTLS 1.3 supported_versions
extension to avoid an incompatibility.
* Bug 1538980 - SECU_ReadDERFromFile calls strstr on a string that isn't
guaranteed to be null-terminated
* Bug 1561337 - Correct a warning for comparison of integers of different
signs: 'int' and 'unsigned long' in
security/nss/lib/freebl/ecl/ecp_25519.c:88
* Bug 1609751 - Add test for mp_int clamping
* Bug 1582169 - Don't attempt to read the fips_enabled flag on the machine
unless NSS was built with FIPS enabled
* Bug 1431940 - Fix a null pointer dereference in BLAKE2B_Update
* Bug 1617387 - Fix compiler warning in secsign.c
* Bug 1618400 - Fix a OpenBSD/arm64 compilation error: unused variable
'getauxval'
* Bug 1610687 - Fix a crash on unaligned CMACContext.aes.keySchedule when
using AES-NI intrinsics

Log message:
nss: Update to 3.50

Changelog:
Notable Changes in NSS 3.50

* Verified primitives from HACL* were updated, bringing performance
improvements for several platforms.
  Note that Intel processors with SSE4 but without AVX are currently unable to
use the improved ChaCha20/Poly1305 due to a build issue; such platforms will
fall-back to less optimized algorithms. See Bug 1609569 for details.

* Updated DTLS 1.3 implementation to Draft-30. See Bug 1599514 for details.

* Added NIST SP800-108 KBKDF - PKCS#11 implementation. See Bug 1599603 for
details.

Bugs fixed in NSS 3.50

* Bug 1599514 - Update DTLS 1.3 implementation to Draft-30
* Bug 1603438 - Fix native tools build failure due to lack of zlib include dir
if external
* Bug 1599603 - NIST SP800-108 KBKDF - PKCS#11 implementation
* Bug 1606992 - Cache the most recent PBKDF1 password hash, to speed up
repeated SDR operations, important with the increased KDF iteration counts.
NSS 3.49.1 sped up PBKDF2 operations, though PBKDF1 operations are also
relevant for older NSS databases (also included in NSS 3.49.2)
* Bug 1608895 - Gyp builds on taskcluster broken by Setuptools v45.0.0 (for
lacking Python3)
* Bug 1574643 - Upgrade HACL* verified implementations of ChaCha20, Poly1305,
and 64-bit Curve25519
* Bug 1608327 - Two problems with NEON-specific code in freebl
* Bug 1575843 - Detect AArch64 CPU features on FreeBSD
* Bug 1607099 - Remove the buildbot configuration
* Bug 1585429 - Add more HKDF test vectors
* Bug 1573911 - Add more RSA test vectors
* Bug 1605314 - Compare all 8 bytes of an mp_digit when clamping in Windows
assembly/mp_comba
* Bug 1604596 - Update Wycheproof vectors and add support for CBC, P256-ECDH,
and CMAC tests
* Bug 1608493 - Use AES-NI for non-GCM AES ciphers on platforms with no
assembly-optimized implementation, such as macOS.
* Bug 1547639 - Update zlib in NSS to 1.2.11
* Bug 1609181 - Detect ARM (32-bit) CPU features on FreeBSD
* Bug 1602386 - Fix build on FreeBSD/powerpc*
* Bug 1608151 - Introduce NSS_DISABLE_ALTIVEC
* Bug 1612623 - Depend on NSPR 4.25
* Bug 1609673 - Fix a crash when NSS is compiled without libnssdbm support,
but the nssdbm shared object is available anyway.

Log message:
nss: Update to 4.49.2

Changelog:
No new functionality is introduced in this release. This release fixes several
issues:

 - Bug 1606992 - Cache the most recent PBKDF1 password hash, to speed up
repeated SDR
   operations when using profiles using that hash. This is covering additional
cases
   not covered by NSS 3.49.1, important with the increased KDF iteration
counts.
 - Bug 1608327 - Fix compilation problems with NEON-specific code in freebl
 - Bug 1608895 - Fix a taskcluster issue with Python 2 / Python 3

NSS 3.49.2 requires NSPR 4.24 or newer.

Log message:
nss: Update DESCR

Log message:
nss: Update to 3.49.1

* Bump nspr requirement

Changelog:
No new functionality is introduced in these releases. These releases fix a
performance issue:

 - Bug 1606992 - Cache the most recent PBKDF2 password hash, to speed up
repeated SDR operations, important with the increased KDF iteration counts.

Log message:
nss: Update to 3.49

Changelog:
Notable Changes in NSS 3.49
 * The legacy DBM database, libnssdbm, is no longer built by default when
using gyp builds. See Bug 1594933 for details.

Bugs fixed in NSS 3.49
 * Bug 1513586 - Set downgrade sentinel for client TLS versions lower than
1.2.
 * Bug 1606025 - Remove -Wmaybe-uninitialized warning in sslsnce.c
 * Bug 1606119 - Fix PPC HW Crypto build failure
 * Bug 1605545 - Memory leak in Pk11Install_Platform_Generate
 * Bug 1602288 - Fix build failure due to missing posix signal.h
 * Bug 1588714 - Implement CheckARMSupport for Win64/aarch64
 * Bug 1585189 - NSS database uses 3DES instead of AES to encrypt DB entries
 * Bug 1603257 - Fix UBSAN issue in softoken CKM_NSS_CHACHA20_CTR
initialization
 * Bug 1590001 - Additional HRR Tests (CVE-2019-17023)
 * Bug 1600144 - Treat ClientHello with message_seq of 1 as a second
ClientHello
 * Bug 1603027 - Test that ESNI is regenerated after HelloRetryRequest
 * Bug 1593167 - Intermittent mis-reporting potential security risk
SEC_ERROR_UNKNOWN_ISSUER
 * Bug 1535787 - Fix automation/release/nss-release-helper.py on MacOS
 * Bug 1594933 - Disable building DBM by default
 * Bug 1562548 - Improve GCM perfomance on aarch32