CVS commit: pkgsrc/devel/nss

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: pkgsrc/devel/nss
From: "Ryo ONODERA" <ryoon%netbsd.org@localhost>
Date: Tue, 15 Oct 2013 16:10:33 +0000

Module Name:    pkgsrc
Committed By:   ryoon
Date:           Tue Oct 15 16:10:33 UTC 2013

Modified Files:
        pkgsrc/devel/nss: Makefile distinfo

Log Message:
Update to 3.15.2

Changelog:
Security Advisories

The following security-relevant bugs have been resolved in NSS 3.15.2. Users 
are encouraged to upgrade immediately.

    Bug 894370 - (CVE-2013-1739) Avoid uninitialized data read in the event of 
a decryption failure.

New in NSS 3.15.2
New Functionality

    AES-GCM Ciphersuites: AES-GCM cipher suite (RFC 5288 and RFC 5289) support 
has been added when TLS 1.2 is negotiated. Specifically, the following cipher 
suites are now supported:
        TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
        TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
        TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
        TLS_RSA_WITH_AES_128_GCM_SHA256

New Functions

PK11_CipherFinal has been introduced, which is a simple alias for 
PK11_DigestFinal.
New Types

No new types have been introduced.
New PKCS #11 Mechanisms

No new PKCS#11 mechanisms have been introduced
Notable Changes in NSS 3.15.2

    Bug 880543 - Support for AES-GCM ciphersuites that use the SHA-256 PRF
    Bug 663313 - MD2, MD4, and MD5 signatures are no longer accepted for OCSP 
or CRLs, consistent with their handling for general certificate signatures.
    Bug 884178 - Add PK11_CipherFinal macro

Bugs fixed in NSS 3.15.2

    Bug 734007 - sizeof() used incorrectly
    Bug 900971 - nssutil_ReadSecmodDB() leaks memory
    Bug 681839 - Allow SSL_HandshakeNegotiatedExtension to be called before the 
handshake is finished.
    Bug 848384 - Deprecate the SSL cipher policy code, as it's no longer 
relevant. It is no longer necessary to call NSS_SetDomesticPolicy because all 
cipher suites are now allowed by default.

A complete list of all bugs resolved in this release can be obtained at 
https://bugzilla.mozilla.org/buglist.cgi?resolution=FIXED&classification=Components&query_format=advanced&target_milestone=3.15.2&product=NSS&list_id=7982238
Compatibility

NSS 3.15.2 shared libraries are backward compatible with all older NSS 3.x 
shared libraries. A program linked with older NSS 3.x shared libraries will 
work with NSS 3.15.2 shared libraries without recompiling or relinking. 
Furthermore, applications that restrict their use of NSS APIs to the functions 
listed in NSS Public Functions will remain compatible with future versions of 
the NSS shared libraries.


To generate a diff of this commit:
cvs rdiff -u -r1.69 -r1.70 pkgsrc/devel/nss/Makefile
cvs rdiff -u -r1.28 -r1.29 pkgsrc/devel/nss/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Prev by Date: CVS commit: pkgsrc/news/trn
Next by Date: CVS commit: pkgsrc/doc
Previous by Thread: CVS commit: pkgsrc/news/trn
Next by Thread: CVS commit: pkgsrc/doc
Indexes:

Home | Main Index | Thread Index | Old Index