Log message:
Add SHA512 digests for distfiles for devel category

Issues found with existing distfiles:
	distfiles/eclipse-sourceBuild-srcIncluded-3.0.1.zip
	distfiles/fortran-utils-1.1.tar.gz
	distfiles/ivykis-0.39.tar.gz
	distfiles/enum-1.11.tar.gz
	distfiles/pvs-3.2-libraries.tgz
	distfiles/pvs-3.2-linux.tgz
	distfiles/pvs-3.2-solaris.tgz
	distfiles/pvs-3.2-system.tgz
No changes made to these distinfo files.

Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden).  All existing
SHA1 digests retained for now as an audit trail.

Log message:
Support SunOS/clang.

Log message:
Recursive revbump from textproc/icu

Log message:
Update to 3.20

Changelog:
The NSS team has released Network Security Services (NSS) 3.20,
which is a minor release.

New functionality:
* The TLS library has been extended to support DHE ciphersuites in
  server applications.

New Functions:
* SSL_DHEGroupPrefSet - Configure the set of allowed/enabled DHE group
  parameters that can be used by NSS for a server socket.
* SSL_EnableWeakDHEPrimeGroup - Enable the use of weak DHE group
  parameters that are smaller than the library default's minimum size.

New Types:
* SSLDHEGroupType - Enumerates the set of DHE parameters embedded in
  NSS that can be used with function SSL_DHEGroupPrefSet.

New Macros:
* SSL_ENABLE_SERVER_DHE - A socket option user to enable or disable
  DHE ciphersuites for a server socket.

Notable Changes:
* The TLS library has been extended to support DHE ciphersuites in
  server applications.
* For backwards compatibility reasons, the server side implementation
  of the TLS library keeps all DHE ciphersuites disabled by default.
  They can be enabled with the new socket option SSL_ENABLE_SERVER_DHE
  and the SSL_OptionSet or the SSL_OptionSetDefault API.
* The server side implementation of the TLS implementation does not
  support session tickets when using a DHE ciphersuite (see bug
  1174677).
* Support for the following ciphersuites has been added:
  - TLS_DHE_DSS_WITH_AES_128_GCM_SHA256
  - TLS_DHE_DSS_WITH_AES_128_CBC_SHA256
  - TLS_DHE_DSS_WITH_AES_256_CBC_SHA256
* By default, the server side TLS implementation will use DHE
  parameters with a size of 2048 bits when using DHE ciphersuites.
* NSS embeds fixed DHE parameters sized 2048, 3072, 4096, 6144 and
  8192 bits, which were copied from version 08 of the Internet-Draft
  "Negotiated Finite Field Diffie-Hellman Ephemeral Parameters for
  TLS", Appendix A.
* A new API SSL_DHEGroupPrefSet has been added to NSS, which allows a
  server application to select one or multiple of the embedded DHE
  parameters as the preferred parameters. The current implementation of
  NSS will always use the first entry in the array that is passed as a
  parameter to the SSL_DHEGroupPrefSet API. In future versions of the
  TLS implementation, a TLS client might signal a preference for
  certain DHE parameters, and the NSS TLS server side implementation
  might select a matching entry from the set of parameters that have
  been configured as preferred on the server side.
* NSS optionally supports the use of weak DHE parameters with DHE
  ciphersuites to support legacy clients. In order to enable this
  support, the new API SSL_EnableWeakDHEPrimeGroup must be used. Each
  time this API is called for the first time in a process, a fresh set
  of weak DHE parameters will be randomly created, which may take a
  long amount of time. Please refer to the comments in the header file
  that declares the SSL_EnableWeakDHEPrimeGroup API for additional
  details.
* The size of the default PQG parameters used by certutil when
  creating DSA keys has been increased to use 2048 bit parameters.
* The selfserv utility has been enhanced to support the new DHE
  features.
* NSS no longer supports C compilers that predate the ANSI C
  standard (C89).

Log message:
Update to 3.19.2

* Approved by wiz@.

Changelog:
Network Security Services (NSS) is a patch release for NSS 3.19.

No new functionality is introduced in this release. This release addresses
a backwards compatibility issue with the NSS 3.19.1 release.

Notable Changes:
* In NSS 3.19.1, the minimum key sizes that the freebl cryptographic
implementation (part of the softoken cryptographic module used by default
by NSS) was willing to generate or use was increased - for RSA keys, to
512 bits, and for DH keys, 1023 bits. This was done as part of a security
fix for Bug 1138554 / CVE-2015-4000. Applications that requested or
attempted to use keys smaller then the minimum size would fail. However,
this change in behaviour unintentionally broke existing NSS applications
that need to generate or use such keys, via APIs such as
SECKEY_CreateRSAPrivateKey or SECKEY_CreateDHPrivateKey.

In NSS 3.19.2, this change in freebl behaviour has been reverted. The fix
for Bug 1138554 has been moved to libssl, and will now only affect the
minimum keystrengths used in SSL/TLS.

Log message:
Recursive PKGREVISION bump for all packages mentioning 'perl',
having a PKGNAME of p5-*, or depending such a package,
for perl-5.22.0.

Log message:
Update to 3.19.1

Changelog:
Network Security Services (NSS) 3.19.1 is a patch release
for NSS 3.19.

No new functionality is introduced in this release. This patch
release includes a fix for the recently published logjam attack.

Notable Changes:
* The minimum strength of keys that libssl will accept for
  finite field algorithms (RSA, Diffie-Hellman, and DSA) have
  been increased to 1023 bits (bug 1138554).
* NSS reports the bit length of keys more accurately.  Thus,
  the SECKEY_PublicKeyStrength and SECKEY_PublicKeyStrengthInBits
  functions could report smaller values for values that have
  leading zero values. This affects the key strength values that
  are reported by SSL_GetChannelInfo.

The NSS development team would like to thank Matthew Green and
Karthikeyan Bhargavan for responsibly disclosing the issue in
bug 1138554.

The HG tag is NSS_3_19_1_RTM. NSS 3.19.1 requires NSPR 4.10.8 or newer.

Log message:
Update to 3.19

Changelog:
The NSS team has released Network Security Services (NSS) 3.19,
which is a minor release.

New functionality:
* For some certificates, such as root CA certificates, that don't
  embed any constraints, NSS might impose additional constraints,
  such as name constraints. A new API has been added that allows
  to lookup imposed constraints.
* It is possible to override the directory in which the NSS build
  system will look for the sqlite library.

New Functions:
* CERT_GetImposedNameConstraints

Notable Changes:
* The SSL 3 protocol has been disabled by default.
* NSS now more strictly validates TLS extensions and will fail a
  handshake that contains malformed extensions.
* Fixed a bug related to the ordering of TLS handshake messages.
* In TLS 1.2 handshakes, NSS advertises support for the SHA512
  hash algorithm, in order to be compatible with TLS servers
  that use certificates with a SHA512 signature.

Log message:
Update to 3.18.1

Changelog:
The NSS Development Team announces the release of NSS 3.18.1

Network Security Services (NSS) 3.18.1 is a patch release
for NSS 3.18 to update the list of root CA certificates.

No new functionality is introduced in this release.

Notable Changes:
* The following CA certificate had the Websites and Code Signing
  trust bits restored to their original state to allow more time
  to develop a better transition strategy for affected sites:
  - OU = Equifax Secure Certificate Authority
* The following CA certificate was removed:
  - CN = e-Guven Kok Elektronik Sertifika Hizmet Saglayicisi
* The following intermediate CA certificate has been added as
  actively distrusted because it was mis-used to issue certificates
  for domain names the holder did not own or control:
  - CN=MCSHOLDING TEST, O=MCSHOLDING, C=EG
* The version number of the updated root CA list has been set
  to 2.4

The full release notes, including further details and the SHA1
fingerprints of the changed CA certificates, are available at
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.18.1_release_notes

Log message:
Revbump after updating textproc/icu