CVS commit: pkgsrc/devel/nss

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: pkgsrc/devel/nss
From: "Ryo ONODERA" <ryoon%netbsd.org@localhost>
Date: Sat, 22 Mar 2014 23:32:47 +0000

Module Name:    pkgsrc
Committed By:   ryoon
Date:           Sat Mar 22 23:32:46 UTC 2014

Modified Files:
        pkgsrc/devel/nss: Makefile distinfo

Log Message:
Update to 3.16

* Improve 3.16 like 2 number version support (firefox etc. requires 3 number
  version string)

Changelog:
>From https://developer.mozilla.org/en-US/docs/NSS/NSS_3.16_release_notes

The following security-relevant bug has been resolved.
Users are encouraged to upgrade immediately.
* Bug 903885 - (CVE-2014-1492) In a wildcard certificate, the wildcard
  character should not be embedded within the U-label of an
  internationalized domain name. See the last bullet point in RFC 6125,
  Section 7.2.

New functionality:
* Supports the Linux x32 ABI. To build for the Linux x32 target, set
  the environment variable USE_X32=1 when building NSS.

New Functions:
* NSS_CMSSignerInfo_Verify

New Macros
* TLS_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_3DES_EDE_CBC_SHA, etc.,
  cipher suites that were first defined in SSL 3.0 can now be referred
  to with their official IANA names in TLS, with the TLS_ prefix.
  Previously, they had to be referred to with their names in SSL 3.0,
  with the SSL_ prefix.

Notable Changes:
* ECC is enabled by default. It is no longer necessary to set the
  environment variable NSS_ENABLE_ECC=1 when building NSS. To disable
  ECC, set the environment variable NSS_DISABLE_ECC=1 when building NSS.
* libpkix should not include the common name of CA as DNS names when
  evaluating name constraints.
* AESKeyWrap_Decrypt should not return SECSuccess for invalid keys.
* Fix a memory corruption in sec_pkcs12_new_asafe.
* If the NSS_SDB_USE_CACHE environment variable is set, skip the runtime
  test sdb_measureAccess.
* The built-in roots module has been updated to version 1.97, which
  adds, removes, and distrusts several certificates.
* The atob utility has been improved to automatically ignore lines of
  text that aren't in base64 format.
* The certutil utility has been improved to support creation of
  version 1 and version 2 certificates, in addition to the existing
  version 3 support.


To generate a diff of this commit:
cvs rdiff -u -r1.77 -r1.78 pkgsrc/devel/nss/Makefile
cvs rdiff -u -r1.33 -r1.34 pkgsrc/devel/nss/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Prev by Date: CVS commit: pkgsrc/fonts/xmbdfed
Next by Date: CVS commit: pkgsrc/doc
Previous by Thread: CVS commit: pkgsrc/fonts/xmbdfed
Next by Thread: CVS commit: pkgsrc/doc
Indexes:

Home | Main Index | Thread Index | Old Index