-
Wed Mar 08 2017 EL Errata <el-errata_ww@oracle.com> - 3.28.2-1.6.0.1
- Added nss-vendor.patch to change vendor
-
Mon Feb 20 2017 Daiki Ueno <dueno@redhat.com> - 3.28.2-1.6
- Restore ssl-server-min-key-sizes.patch
- Disable TLS_ECDHE_{RSA,ECDSA}_WITH_AES_128_CBC_SHA256 by default
- Enable 4 AES_256_GCM_SHA384 ciphersuites, enabled by the downstream
patch in the previous release
- Fix crash with tstclnt -W
-
Fri Feb 17 2017 Daiki Ueno <dueno@redhat.com> - 3.28.2-1.5
- Always enable gtests for supported features
- Prevent ABI incompatibilty of SECKEYECPublicKey
-
Thu Feb 16 2017 Daiki Ueno <dueno@redhat.com> - 3.28.2-1.4
- Add patch to fix bash syntax error in tests/ssl.sh
- Build with support for SSLKEYLOGFILE
- Disable the use of RSA-PSS with SSL/TLS
-
Wed Feb 15 2017 Daiki Ueno <dueno@redhat.com> - 3.28.2-1.3
- Remove %nss_cycles setting, which was also mistakenly added
-
Wed Feb 15 2017 Daiki Ueno <dueno@redhat.com> - 3.28.2-1.2
- Reorder cipher suites for compatibility
- Re-enable BUILD_OPT, mistakenly disabled in the previous build
-
Mon Feb 13 2017 Daiki Ueno <dueno@redhat.com> - 3.28.2-1.1
- Remove mistakenly added R: nss-pem
-
Fri Feb 10 2017 Daiki Ueno <dueno@redhat.com> - 3.28.2-1.0
- Rebase to NSS 3.28.2
- Remove NSS_ENABLE_ECC and NSS_ECC_MORE_THAN_SUITE_B setting, which
is no-op now
- Enable gtests when requested
- Remove nss-646045.patch and fix-nss-test-filtering.patch, which are
not necessary
- Remove sslauth-no-v2.patch and
nss-sslstress-txt-ssl3-lower-value-in-range.patch, as SSLv2 is
already disabled in upstream
- Remove ssl-server-min-key-sizes.patch, as we decided to support DH
key size greater than 1023 bits
- Remove local patches for SHA384 cipher suites (now supported in
upstream): dhe-sha384-dss-support.patch,
client_auth_for_sha384_prf_support.patch,
nss-fix-client-auth-init-hashes.patch, nss-map-oid-to-hashalg.patch,
nss-enable-384-cipher-tests.patch, nss-fix-signature-and-hash.patch,
fix-allowed-sig-alg.patch, tests-extra.patch
- Remove upstreamed patches: rh1238290.patch,
fix-reuse-of-session-cache-entry.patch, flexible-certverify.patch,
call-restartmodules-in-nssinit.patch
-
Tue Nov 08 2016 Kai Engert <kaie@redhat.com> - 3.21.3-2
- Mozilla #1314604 / Red Hat CVE-2016-8635
-
Wed Nov 02 2016 Kai Engert <kaie@redhat.com> - 3.21.3-1.1
- rebuild