commit mozilla-nss for openSUSE:Factory

Sun, 25 Sep 2016 05:29:45 -0700 

Hello community,

here is the log from the commit of package mozilla-nss for openSUSE:Factory 
checked in at 2016-09-25 14:29:21
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/mozilla-nss (Old)
 and      /work/SRC/openSUSE:Factory/.mozilla-nss.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "mozilla-nss"

Changes:
--------
--- /work/SRC/openSUSE:Factory/mozilla-nss/mozilla-nss.changes  2016-08-26 
23:13:23.000000000 +0200
+++ /work/SRC/openSUSE:Factory/.mozilla-nss.new/mozilla-nss.changes     
2016-09-25 14:29:24.000000000 +0200
@@ -1,0 +2,35 @@
+Mon Aug 22 13:02:08 UTC 2016 - [email protected]
+
+- update to NSS 3.25
+  New functionality:
+  * Implemented DHE key agreement for TLS 1.3
+  * Added support for ChaCha with TLS 1.3
+  * Added support for TLS 1.2 ciphersuites that use SHA384 as the PRF
+  * In previous versions, when using client authentication with TLS 1.2,
+    NSS only supported certificate_verify messages that used the same
+    signature hash algorithm as used by the PRF. This limitation has
+    been removed.
+  * Several functions have been added to the public API of the
+    NSS Cryptoki Framework.
+  New functions:
+  * NSSCKFWSlot_GetSlotID
+  * NSSCKFWSession_GetFWSlot
+  * NSSCKFWInstance_DestroySessionHandle
+  * NSSCKFWInstance_FindSessionHandle
+  Notable changes:
+  * An SSL socket can no longer be configured to allow both TLS 1.3 and SSLv3
+  * Regression fix: NSS no longer reports a failure if an application
+    attempts to disable the SSLv2 protocol.
+  * The list of trusted CA certificates has been updated to version 2.8
+  * The following CA certificate was Removed
+    Sonera Class1 CA
+  * The following CA certificates were Added
+    Hellenic Academic and Research Institutions RootCA 2015
+    Hellenic Academic and Research Institutions ECC RootCA 2015
+    Certplus Root CA G1
+    Certplus Root CA G2
+    OpenTrust Root CA G1
+    OpenTrust Root CA G2
+    OpenTrust Root CA G3
+
+-------------------------------------------------------------------

Old:
----
  nss-3.24.tar.gz

New:
----
  nss-3.25.tar.gz

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ mozilla-nss.spec ++++++
--- /var/tmp/diff_new_pack.0ovNUq/_old  2016-09-25 14:29:27.000000000 +0200
+++ /var/tmp/diff_new_pack.0ovNUq/_new  2016-09-25 14:29:27.000000000 +0200
@@ -25,7 +25,7 @@
 BuildRequires:  pkg-config
 BuildRequires:  sqlite-devel
 BuildRequires:  zlib-devel
-Version:        3.24
+Version:        3.25
 Release:        0
 # bug437293
 %ifarch ppc64
@@ -36,8 +36,8 @@
 License:        MPL-2.0
 Group:          System/Libraries
 Url:            http://www.mozilla.org/projects/security/pki/nss/
-Source:         
https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_24_RTM/src/nss-%{version}.tar.gz
-# hg clone https://hg.mozilla.org/projects/nss nss-3.24/nss ; cd nss-3.24/nss 
; hg up NSS_3_24_RTM
+Source:         
https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_25_RTM/src/nss-%{version}.tar.gz
+# hg clone https://hg.mozilla.org/projects/nss nss-3.25/nss ; cd nss-3.25/nss 
; hg up NSS_3_25_RTM
 #Source:         nss-%{version}.tar.gz
 Source1:        nss.pc.in
 Source3:        nss-config.in



++++++ nss-3.24.tar.gz -> nss-3.25.tar.gz ++++++
/work/SRC/openSUSE:Factory/mozilla-nss/nss-3.24.tar.gz 
/work/SRC/openSUSE:Factory/.mozilla-nss.new/nss-3.25.tar.gz differ: char 5, 
line 1

++++++ renegotiate-transitional.patch ++++++
--- /var/tmp/diff_new_pack.0ovNUq/_old  2016-09-25 14:29:27.000000000 +0200
+++ /var/tmp/diff_new_pack.0ovNUq/_new  2016-09-25 14:29:27.000000000 +0200
@@ -1,22 +1,13 @@
 diff --git a/lib/ssl/sslsock.c b/lib/ssl/sslsock.c
+index dc83219..276f4a8 100644
 --- a/lib/ssl/sslsock.c
 +++ b/lib/ssl/sslsock.c
-@@ -72,17 +72,17 @@ static sslOptions ssl_defaults = {
-     PR_FALSE,
-     /* v2CompatibleHello  */ /* now defaults to off in NSS 3.13 */
-     PR_TRUE,                 /* detectRollBack     */
-     PR_FALSE,                /* noStepDown         */
-     PR_FALSE,                /* bypassPKCS11       */
-     PR_FALSE,                /* noLocks            */
-     PR_FALSE,                /* enableSessionTickets */
-     PR_FALSE,                /* enableDeflate      */
--    2,                       /* enableRenegotiation (default: requires 
extension) */
-+    3,                       /* enableRenegotiation (default: requires 
extension) */
-     PR_FALSE,                /* requireSafeNegotiation */
-     PR_FALSE,                /* enableFalseStart   */
-     PR_TRUE,                 /* cbcRandomIV        */
-     PR_FALSE,                /* enableOCSPStapling */
-     PR_TRUE,                 /* enableNPN          */
-     PR_FALSE,                /* enableALPN         */
-     PR_TRUE,                 /* reuseServerECDHEKey */
-     PR_FALSE,                /* enableFallbackSCSV */
+@@ -72,7 +72,7 @@ static sslOptions ssl_defaults = {
+     PR_FALSE,              /* noLocks            */
+     PR_FALSE,              /* enableSessionTickets */
+     PR_FALSE,              /* enableDeflate      */
+-    2,                     /* enableRenegotiation (default: requires 
extension) */
++    3,                     /* enableRenegotiation (default: requires 
extension) */
+     PR_FALSE,              /* requireSafeNegotiation */
+     PR_FALSE,              /* enableFalseStart   */
+     PR_TRUE,               /* cbcRandomIV        */

Reply via email to