2020-11-05 10:09:30 by Ryo ONODERA | Files touched by this commit (1814) |
Log message:
*: Recursive revbump from textproc/icu-68.1
|
2020-10-31 20:36:30 by Thomas Klausner | Files touched by this commit (8) | |
Log message:
nss: update to 3.58nb1.
Add a post-release patch that broke some applications
https://hg.mozilla.org/projects/nss/rev/b03a4fc5b902498414b02640dcb2717dfef9682f
Changes nout found.
|
2020-09-20 01:54:14 by Ryo ONODERA | Files touched by this commit (2) | |
Log message:
nss: Update to 3.57
Changelog:
Notable Changes in NSS 3.57
* NSPR dependency updated to 4.29.
* The following CA certificates were Added:
Bug 1663049 - CN=Trustwave Global Certification Authority
SHA-256 Fingerprint:
97552015F5DDFC3C8788C006944555408894450084F100867086BC1A2BB58DC8
Bug 1663049 - CN=Trustwave Global ECC P256 Certification Authority
SHA-256 Fingerprint:
945BBC825EA554F489D1FD51A73DDF2EA624AC7019A05205225C22A78CCFA8B4
Bug 1663049 - CN=Trustwave Global ECC P384 Certification Authority
SHA-256 Fingerprint:
55903859C8C0C3EBB8759ECE4E2557225FF5758BBD38EBD48276601E1BD58097
* The following CA certificates were Removed:
Bug 1651211 - CN=EE Certification Centre Root CA
SHA-256 Fingerprint:
3E84BA4342908516E77573C0992F0979CA084E4685681FF195CCBA8A229B8A76
Bug 1656077 - O=Government Root Certification Authority; C=TW
SHA-256 Fingerprint:
7600295EEFE85B9E1FD624DB76062AAAAE59818A54D2774CD4C0B2C01131E1B3
* Trust settings for the following CA certificates were Modified:
Bug 1653092 - CN=OISTE WISeKey Global Root GA CA
Websites (server authentication) trust bit removed.
Bugs fixed in NSS 3.57
* Bug 1651211 - Remove EE Certification Centre Root CA certificate.
* Bug 1653092 - Turn off Websites Trust Bit for OISTE WISeKey Global Root GA
CA.
* Bug 1656077 - Remove Taiwan Government Root Certification Authority
certificate.
* Bug 1663049 - Add SecureTrust's Trustwave Global root certificates to NSS.
* Bug 1659256 - AArch64 AES optimization shouldn't be enabled with gcc 4.8.
* Bug 1651834 - Fix Clang static analyzer warnings.
* Bug 1661378 - Fix Build failure with Clang 11.
* Bug 1659727 - Fix mpcpucache.c invalid output constraint on Linux/ARM.
* Bug 1662738 - Only run freebl_fips_RNG_PowerUpSelfTest when linked with
NSPR.
* Bug 1661810 - Fix Crash @ arm_aes_encrypt_ecb_128 when building with Clang
11.
* Bug 1659252 - Fix Make build with NSS_DISABLE_DBM=1.
* Bug 1660304 - Add POST tests for KDFs as required by FIPS.
* Bug 1663346 - Use 64-bit compilation on e2k architecture.
* Bug 1605922 - Account for negative sign in mp_radix_size.
* Bug 1653641 - Cleanup inaccurate DTLS comments, code review fixes.
* Bug 1660372 - NSS 3.57 should depend on NSPR 4.29
* Bug 1660734 - Fix Makefile typos.
* Bug 1660735 - Fix Makefile typos.
|
2020-08-31 20:13:29 by Thomas Klausner | Files touched by this commit (3631) |
Log message:
*: bump PKGREVISION for perl-5.32.
|
2020-08-29 19:42:00 by Tobias Nygren | Files touched by this commit (1) |
Log message:
nss: fix NetBSD/aarch64 build
NS_USE_GCC and CC_IS_CLANG are not SunOS specific makeflags, they are used
to toggle if gcm-aarch64.c gets built and probably for other stuff too ...
|
2020-08-23 10:31:27 by Ryo ONODERA | Files touched by this commit (2) | |
Log message:
nss: Update to 3.56
CHangelog:
Notable Changes in NSS 3.56
* The known issue where Makefile builds failed to locate seccomon.h was fixed
in Bug 1653975.
* NSPR dependency updated to 4.28.
Bugs fixed in NSS 3.56
* Bug 1650702 - Support SHA-1 HW acceleration on ARMv8
* Bug 1656981 - Use MPI comba and mulq optimizations on x86-64 MacOS.
* Bug 1654142 - Add CPU feature detection for Intel SHA extension.
* Bug 1648822 - Add stricter validation of DH keys in FIPS mode.
* Bug 1656986 - Properly detect arm64 during GYP build architecture detection.
* Bug 1652729 - Add build flag to disable RC2 and relocate to
lib/freebl/deprecated.
* Bug 1656429 - Correct RTT estimate used in 0-RTT anti-replay.
* Bug 1588941 - Send empty certificate message when scheme selection fails.
* Bug 1652032 - Fix failure to build in Windows arm64 makefile
cross-compilation.
* Bug 1625791 - Fix deadlock issue in nssSlot_IsTokenPresent.
* Bug 1653975 - Fix 3.53 regression by setting "all" as the default \
makefile
target.
* Bug 1659792 - Fix broken libpkix tests with unexpired PayPal cert.
* Bug 1659814 - Fix interop.sh failures with newer tls-interop commit and
dependencies.
* Bug 1656519 - Update NSPR dependency to 4.28.
|
2020-07-31 03:24:30 by Maya Rashish | Files touched by this commit (2) | |
Log message:
nss: update to 3.55
Note that this says the NSPR dependency is bumped. I didn't encounter
any problems with 2.46. It seems to be a change that their automation
was updated to the newer version.
NSS 3.55
P384 and P521 elliptic curve implementations are replaced with verifiable \
implementations from Fiat-Crypto and ECCKiila. Special thanks to the Network and \
Information Security Group (NISEC) at Tampere University.
PK11_FindCertInSlot is added. With this function, a given slot can be \
queried with a DER-Encoded certificate, providing performance and usability \
improvements over other mechanisms. See Bug 1649633 for more details.
DTLS 1.3 implementation is updated to draft-38. See Bug 1647752 for details.
NSPR dependency updated to 4.27.
NSS 3.54
Support for TLS 1.3 external pre-shared keys (Bug 1603042).
Use ARM Cryptography Extension for SHA256, when available. (Bug 1528113).
|
2020-06-18 16:16:50 by Ryo ONODERA | Files touched by this commit (2) |
Log message:
nss: Update to 3.53.1
Changelog:
Bugs fixed in NSS 3.53.1
- Bug 1631597 (CVE-2020-12402) - Use constant-time GCD and modular inversion
in MPI.
|
2020-06-09 11:56:13 by Nia Alarie | Files touched by this commit (1) |
Log message:
nss: use INSTALL_DATA for static libs
|
2020-06-06 08:00:13 by Maya Rashish | Files touched by this commit (1) |
Log message:
nss: add missing PLIST entry on Linux.
From Michael Forney via pkgsrc-users
|