[el5_latest] mod_nss-1.0.8-7.el5.i386

The mod_nss module provides strong cryptography for the Apache Web
server via the Secure Sockets Layer (SSL) and Transport Layer
Security (TLS) protocols using the Network Security Services (NSS)
security library.

Changelog (Show File list) (Show related packages)

• Sat Jan 28 2012 Matthew Harmsen <mharmsen@redhat.com> - 1.0.8-7

  - Fix 'Bugzilla Bug #749405 - mod_nss fails debug assertion' by removing
    'mod_nss-no_shutdown_if_not_init.patch' and applying
    'mod_nss-no_shutdown_if_not_init_2.patch' instead
  - The 'mod_nss-no_shutdown_if_not_init_2.patch' patch also fixes
    Bugzilla Bug #784548 - File descriptor leak after "service httpd reload"
    or httpd doesn't reload

• Thu Nov 10 2011 Rob Crittenden <rcritten@redhat.com> - 1.0.8-6

  - Bugzilla Bug #749401 - https://server.testrelm/ipa/xml: Bad Request
    intermittent errors
  - Bugzilla Bug #749402 - may be possible to spoof mod_nss FakeBasicAuth
  - Bugzilla Bug #749405 - mod_nss fails debug assertion
  - Bugzilla Bug #749406 - Add 'libnssckbi.so' runtime dependency . .

• Thu Oct 27 2011 Rob Crittenden <rcritten@redhat.com> - 1.0.8-5

  - Bugzilla Bug #692868 - https (with mod_nss) fails with reverse proxy when
    using with mod_proxy
  - Bugzilla Bug #677698 - Lack of interlock between nss processes to pcache
    causes httpd failure
  - Bugzilla Bug #714255 - overrunning array when executing nss_pcache

• Wed Jan 19 2011 Rob Crittenden <rcritten@redhat.com> - 1.0.8-4

  - Execute the postinstall script on upgrades so database ownership is
    correct (#669963)

• Tue Dec 14 2010 Rob Crittenden <rcritten@redhat.com> - 1.0.8-3

  - Bump version to make upgrading from product-specific versions seamless
    (#588858)

• Thu Sep 23 2010 Rob Crittenden <rcritten@redhat.com> - 1.0.8-2

  - Don't call PK11_ListCerts for every server (#635324)
  - Fix hang when handling large POST under some conditions (#634685)

• Thu Jun 10 2010 Rob Crittenden <rcritten@redhat.com> - 1.0.8-1

  - Rebase to upstream mod_nss 1.0.8 (#588858)
  - Use remote hostname set by mod_proxy to compare to CN in peer cert (#591901)
  - Patch to add configuration options for new NSS negotiation API (#574187)
  - Set minimum version of nss to 3.12.6 to pick up renegotiation fix
  - Add (pre) for Requires on httpd so we can be sure the user and group are
    already available
  - Use _sysconfdir macro instead of /etc
  - Remove unused variable and perl substitution for gencert. gencert used to
    have separate variables for NSS & NSPR libraries, that is gone now so this
    variable and substitution aren't needed.
  - Added comments to patch to identify what they do
  - The location of libnssckbi.so moved from /lib[64] to /usr/lib[64] (#558545)
  - Don't generate output when the default NSS database is generated (#538859)

• Thu May 14 2009 Rob Crittenden <rcritten@redhat.com> 1.0.3-8

  - Handle read blocking properly (#484380)

• Thu Jan 22 2009 Rob Crittenden <rcritten@redhat.com> 1.0.3-7

  - Backport PassphraseDialog directive 'defer' (#489013)

• Fri Jul 25 2008 Rob Crittenden <rcritten@redhat.com> 1.0.3-6

  - Register functions needed by mod_proxy if mod_ssl is not loaded (#338401)

• Wed Jul 02 2008 Rob Crittenden <rcritten@redhat.com> 1.0.3-5

  - Include patch to fix NSSFIPS mode (#450349)

• Sat Aug 05 2006 Rob Crittenden <rcritten@redhat.com> 1.0.3-4

  - Include LogLevel warn in nss.conf.

• Sat Aug 05 2006 Rob Crittenden <rcritten@redhat.com> 1.0.3-3

  - Need to initialize ECC certificate and key variables

• Sat Aug 05 2006 Jarod Wilson <jwilson@redhat.com> 1.0.3-2

  - Use %ghost for db files and install.log

• Wed Jun 21 2006 Rob Crittenden <rcritten@redhat.com> 1.0.3-1

  - Initial build