Next | Query returned 318 messages, browsing 91 to 100 | Previous

History of commit frequency

CVS Commit History:


   2020-08-23 10:31:27 by Ryo ONODERA | Files touched by this commit (2) | Package updated
Log message:
nss: Update to 3.56

CHangelog:
Notable Changes in NSS 3.56

* The known issue where Makefile builds failed to locate seccomon.h was fixed
in Bug 1653975.
* NSPR dependency updated to 4.28.

Bugs fixed in NSS 3.56

* Bug 1650702 - Support SHA-1 HW acceleration on ARMv8
* Bug 1656981 - Use MPI comba and mulq optimizations on x86-64 MacOS.
* Bug 1654142 - Add CPU feature detection for Intel SHA extension.
* Bug 1648822 - Add stricter validation of DH keys in FIPS mode.
* Bug 1656986 - Properly detect arm64 during GYP build architecture detection.
* Bug 1652729 - Add build flag to disable RC2 and relocate to
lib/freebl/deprecated.
* Bug 1656429 - Correct RTT estimate used in 0-RTT anti-replay.
* Bug 1588941 - Send empty certificate message when scheme selection fails.
* Bug 1652032 - Fix failure to build in Windows arm64 makefile
cross-compilation.
* Bug 1625791 - Fix deadlock issue in nssSlot_IsTokenPresent.
* Bug 1653975 - Fix 3.53 regression by setting "all" as the default \ 
makefile
target.
* Bug 1659792 - Fix broken libpkix tests with unexpired PayPal cert.
* Bug 1659814 - Fix interop.sh failures with newer tls-interop commit and
dependencies.
* Bug 1656519 - Update NSPR dependency to 4.28.
   2020-07-31 03:24:30 by Maya Rashish | Files touched by this commit (2) | Package updated
Log message:
nss: update to 3.55

Note that this says the NSPR dependency is bumped. I didn't encounter
any problems with 2.46. It seems to be a change that their automation
was updated to the newer version.

NSS 3.55

    P384 and P521 elliptic curve implementations are replaced with verifiable \ 
implementations from Fiat-Crypto and ECCKiila. Special thanks to the Network and \ 
Information Security Group (NISEC) at Tampere University.
    PK11_FindCertInSlot is added. With this function, a given slot can be \ 
queried with a DER-Encoded certificate, providing performance and usability \ 
improvements over other mechanisms. See Bug 1649633 for more details.
    DTLS 1.3 implementation is updated to draft-38. See Bug 1647752 for details.
    NSPR dependency updated to 4.27.

NSS 3.54

    Support for TLS 1.3 external pre-shared keys (Bug 1603042).
    Use ARM Cryptography Extension for SHA256, when available. (Bug 1528113).
   2020-06-18 16:16:50 by Ryo ONODERA | Files touched by this commit (2)
Log message:
nss: Update to 3.53.1

Changelog:
Bugs fixed in NSS 3.53.1

- Bug 1631597 (CVE-2020-12402) - Use constant-time GCD and modular inversion
in MPI.
   2020-06-09 11:56:13 by Nia Alarie | Files touched by this commit (1)
Log message:
nss: use INSTALL_DATA for static libs
   2020-06-06 08:00:13 by Maya Rashish | Files touched by this commit (1)
Log message:
nss: add missing PLIST entry on Linux.

From Michael Forney via pkgsrc-users
   2020-06-03 10:51:26 by Ryo ONODERA | Files touched by this commit (3) | Package updated
Log message:
nss: Update to 3.53

Changelog:
Notable Changes in NSS 3.53

* When using the Makefiles, NSS can be built in parallel, speeding up those
builds to more similar performance as the build.sh/ninja/gyp system. (Bug
290526)

* SEED is now moved into a new freebl directory freebl/deprecated (Bug
1636389).

  - SEED will be disabled by default in a future release of NSS. At that time,
users will need to set the compile-time flag (Bug 1622033) to disable that
deprecation in order to use the algorithm.

  - Algorithms marked as deprecated will ultimately be removed.

* Several root certificates in the Mozilla program now set the
CKA_NSS_SERVER_DISTRUST_AFTER attribute, which NSS consumers can query to
further refine trust decisions. (Bug 1618404, Bug 1621159) If a builtin
certificate has a CKA_NSS_SERVER_DISTRUST_AFTER timestamp before the  SCT or
NotBefore date of a certificate that builtin issued, then clients can elect
not to trust it.
  - This attribute provides a more graceful phase-out for certificate
authorities than complete removal from the root certificate builtin store.

Bugs fixed in NSS 3.53

* Bug 1640260 - Initialize PBE params (ASAN fix)
* Bug 1618404 - Set CKA_NSS_SERVER_DISTRUST_AFTER for Symantec root certs
* Bug 1621159 - Set CKA_NSS_SERVER_DISTRUST_AFTER for Consorci AOC, GRCA, and
SK ID root certs
* Bug 1629414 - PPC64: Correct compilation error between VMX vs. VSX vector
instructions
* Bug 1639033 - Fix various compile warnings in NSS
* Bug 1640041 - Fix a null pointer in security/nss/lib/ssl/sslencode.c:67
* Bug 1640042 - Fix a null pointer in security/nss/lib/ssl/sslsock.c:4460
* Bug 1638289 - Avoid multiple definitions of SHA{256,384,512}_* symbols when
linking libfreeblpriv3.so in Firefox on ppc64le
* Bug 1636389 - Relocate deprecated SEED algorithm
* Bug 1637083 - lib/ckfw: No such file or directory. Stop.
* Bug 1561331 - Additional modular inverse test
* Bug 1629553 - Rework and cleanup gmake builds
* Bug 1438431 - Remove mkdepend and "depend" make target
* Bug 290526 - Support parallel building of NSS when using the Makefiles
* Bug 1636206 - HACL* update after changes in libintvector.h
* Bug 1636058 - Fix building NSS on Debian s390x, mips64el, and riscv64
* Bug 1622033 - Add option to build without SEED
   2020-06-02 10:25:05 by Adam Ciarcinski | Files touched by this commit (1689)
Log message:
Revbump for icu
   2020-05-06 03:09:43 by Ryo ONODERA | Files touched by this commit (2) | Package updated
Log message:
nss: Update to 3.52

Changelog:
Notable Changes in NSS 3.52

    Bug 1603628 - Update NSS to support PKCS #11 v3.0.
    Bug 1623374 - Support new PKCS #11 v3.0 Message Interface for AES-GCM and \ 
ChaChaPoly.
    Bug 1612493 - Integrate AVX2 ChaCha20, Poly1305, and ChaCha20Poly1305 from HACL*.

Bugs fixed in NSS 3.52

    Bug 1633498 - Fix unused variable 'getauxval' error on iOS compilation.
    Bug 1630721 - Add Softoken functions for FIPS.
    Bug 1630458 - Fix problem of GYP MSVC builds not producing debug symbol files.
    Bug 1629663 - Add IKEv1 Quick Mode KDF.
    Bug 1629661 - MPConfig calls in SSL initialize policy before NSS is initialized.
    Bug 1629655 - Support temporary session objects in ckfw.
    Bug 1629105 - Add PKCS11 v3.0 functions to module debug logger.
    Bug 1626751 - Fix error in generation of fuzz32 docker image after updates.
    Bug 1625133 - Fix implicit declaration of function 'getopt' error.
    Bug 1624864 - Allow building of gcm-arm32-neon on non-armv7 architectures.
    Bug 1624402 - Fix compilation error in Firefox Android.
    Bug 1624130 - Require CK_FUNCTION_LIST structs to be packed.
    Bug 1624377 - Fix clang warning for unknown argument '-msse4'.
    Bug 1623374 - Support new PKCS #11 v3.0 Message Interface for AES-GCM and \ 
ChaChaPoly.
    Bug 1623184 - Fix freebl_cpuid for querying Extended Features.
    Bug 1622555 - Fix argument parsing in lowhashtest.
    Bug 1620799 - Introduce NSS_DISABLE_GCM_ARM32_NEON to build on arm32 without \ 
NEON support.
    Bug 1619102 - Add workaround option to include both DTLS and TLS versions in \ 
DTLS supported_versions.
    Bug 1619056 - Update README: TLS 1.3 is not experimental anymore.
    Bug 1618915 - Fix UBSAN issue in ssl_ParseSessionTicket.
    Bug 1618739 - Don't assert fuzzer behavior in SSL_ParseSessionTicket.
    Bug 1617968 - Update Delegated Credentials implementation to draft-07.
    Bug 1617533 - Update HACL* dependencies for libintvector.h
    Bug 1613238 - Add vector accelerated SHA2 for POWER 8+.
    Bug 1612493 - Integrate AVX2 ChaCha20, Poly1305, and ChaCha20Poly1305 from HACL*.
    Bug 1612281 - Maintain PKCS11 C_GetAttributeValue semantics on attributes \ 
that lack NSS database columns.
    Bug 1612260 - Add Wycheproof RSA test vectors.
    Bug 1608250 - broken fipstest handling of KI_len.
    Bug 1608245 - Consistently handle NULL slot/session.
    Bug 1603801 - Avoid dcache pollution from sdb_measureAccess().
    Bug 1603628 - Update NSS to support PKCS #11 v3.0.
    Bug 1561637 - TLS 1.3 does not work in FIPS mode.
    Bug 1531906 - Fix overzealous assertion when evicting a cached sessionID or \ 
using external cache.
    Bug 1465613 - Fix issue where testlib makefile build produced extraneous \ 
object files.
    Bug 1619959 - Properly handle multi-block SEED ECB inputs.
    Bug 1630925 - Guard all instances of NSSCMSSignedData.signerInfo to avoid a \ 
CMS crash
    Bug 1571677 - Name Constraints validation: CN treated as DNS name even when \ 
syntactically invalid as DNS name

Compatibility

NSS 3.52 shared libraries are backward compatible with all older NSS 3.x
shared libraries. A program linked with older NSS 3.x shared libraries
will work with NSS 3.52 shared libraries without recompiling or relinking.
Furthermore, applications that restrict their use of NSS APIs to the functions
listed in NSS Public Functions will remain compatible with future versions
of the NSS shared libraries.
   2020-04-26 23:43:43 by Tobias Nygren | Files touched by this commit (2)
Log message:
nss: fix wrong value of CPU_ARCH on NetBSD/evbarm-earmv7hf

Fixes PR pkg/53353 and maybe also PR pkg/55158
   2020-04-12 17:13:34 by Tobias Nygren | Files touched by this commit (2)
Log message:
g/c stale comment

Next | Query returned 318 messages, browsing 91 to 100 | Previous