ALT Linux repositórios
Group :: Sistema/Bibliotecas
RPM: nss
Main Changelog Spec Patches Sources Download Gear Bugs e FR Repocop
26 setembro 2023 Alexey Gladkov <legion at altlinux.ru> 3.93.0-alt1
- New version (3.93).
- New version (3.92).
- Certificate Authority Changes:
+ Add CN=Atos TrustedRoot Root CA ECC G2 2020
+ Add CN=Atos TrustedRoot Root CA RSA G2 2020
+ Add CN=LAWtrust Root CA2 (4096)
+ Add CN=SSL.com Client ECC Root CA 2022
+ Add CN=SSL.com Client RSA Root CA 2022
+ Add CN=SSL.com TLS ECC Root CA 2022
+ Add CN=SSL.com TLS RSA Root CA 2022
+ Add CN=Sectigo Public Email Protection Root E46
+ Add CN=Sectigo Public Email Protection Root R46
+ Add CN=Sectigo Public Server Authentication Root E46
+ Add CN=Sectigo Public Server Authentication Root R46
+ Remove CN=Chambers of Commerce Root,OU=http://www.chambersign.org
+ Remove CN=E-Tugra Certification Authority,OU=E-Tugra Sertifikasyon Merkezi
+ Remove CN=E-Tugra Global Root CA ECC v3,OU=E-Tugra Trust Center
+ Remove CN=E-Tugra Global Root CA RSA v3,OU=E-Tugra Trust Center
+ Remove CN=Hongkong Post Root CA 1
- Fixed build for Elbrus.
- Fix unconditional use of adcxq causes SIGILL with nss-3.90.
- New version (3.90).
- Certificate Authority Changes:
+ Add CN=BJCA Global Root CA1
+ Add CN=BJCA Global Root CA2
- New version (3.89).
- New version (3.88.1).
- New version (3.86).
- Set nssckbi version number to 2.60.
- Certificate Authority Changes:
+ Remove CN=EC-ACC
+ Remove CN=Network Solutions Certificate Authority
+ Remove CN=Staat der Nederlanden EV Root CA
+ Remove CN=SwissSign Platinum CA - G2
- New version (3.85).
- New version (3.84).
- New version (3.83).
- Certificate Authority Changes:
+ Add CN=DIGITALSIGN GLOBAL ROOT ECDSA CA
+ Add CN=DIGITALSIGN GLOBAL ROOT RSA CA
+ Add CN=Security Communication ECC RootCA1
+ Add CN=Security Communication RootCA3
+ Remove CN=Global Chambersign Root
- New version (3.82).
- New version (3.81).
- Certificate Authority Changes:
+ Add CN=Certainly Root E1
+ Add CN=Certainly Root R1
+ Add CN=DigiCert SMIME ECC P384 Root G5
+ Add CN=DigiCert SMIME RSA4096 Root G5
+ Add CN=DigiCert TLS ECC P384 Root G5
+ Add CN=DigiCert TLS RSA4096 Root G5
+ Add CN=E-Tugra Global Root CA ECC v3
+ Add CN=E-Tugra Global Root CA RSA v3
+ Remove CN=Hellenic Academic and Research Institutions RootCA 2011
- New version (3.79).
- New version (3.78).
- New version (3.77).
- Certificate Authority Changes:
+ Add CN=Telia Root CA v2
+ Add CN=D-TRUST BR Root CA 1 2020
+ Add CN=D-TRUST EV Root CA 1 2020
+ Remove CN=DigiNotar PKIoverheid CA Organisatie - G2
+ Remove CN=Trustwave Organization Issuing CA, Level 2
+ Remove TURKTRUST Mis-issued Intermediate CA 1
+ Remove TURKTRUST Mis-issued Intermediate CA 2
- New version (3.76).
- New version (3.75).
- New version (3.74).
- Certificate Authority Changes:
+ Add HiPKI Root CA - G1
+ Add ISRG Root X2
+ Add vTrus Root CA
+ Add vTrus ECC Root CA
+ Add Autoridad de Certificacion Firmaprofesional CIF A62634068
+ Remove DST Root CA X3
+ Remove GlobalSign Root CA - R2
+ Remove Cybertrust Global Root
+ Replace GlobalSign ECC Root CA - R4
+ Replace GTS Root R1
+ Replace GTS Root R2
+ Replace GTS Root R3
+ Replace GTS Root R4
- New version (3.73).
- Security fixes:
+ CVE-2021-43527: Heap overflow in NSS when verifying DSA/RSA-PSS DER-encoded signatures
- nss-utils: Install utilities used by fedora and opensuse (ALT#41317).
- New version (3.72).
- New version (3.71).
- Certificate Authority Changes:
+ Add CN=HARICA TLS RSA Root CA 2021
+ Add CN=HARICA TLS ECC Root CA 2021
+ Add CN=HARICA Client RSA Root CA 2021
+ Add CN=HARICA Client ECC Root CA 2021
+ Add CN=TunTrust Root CA
- New version (3.69.1).
- New version (3.69).
- Backported upstream fixes for POWER AES-GCM Vector Acceleration (ALT#40510)
(MBZ#1566124). - Enabled testsuite.
- New version (3.66).
- Certificate Authority Changes:
+ Add CN=GLOBALTRUST 2020
+ Add CN=ANF Secure Server Root CA
+ Add CN=Certum EC-384 CA
+ Add CN=Certum Trusted Root CA
+ Remove OU=Trustis FPS Root CA
+ Remove CN=QuoVadis Root Certification Authority
+ Remove CN=Sonera Class2 CA
- New version (3.63).
- Certificate Authority Changes:
+ Add CN=GlobalSign Secure Mail Root R45
+ Add CN=GlobalSign Secure Mail Root E45
+ Add CN=GlobalSign Root R46
+ Add CN=GlobalSign Root E46
+ Add CN=AC RAIZ FNMT-RCM SERVIDORES SEGUROS
+ Remove CN=GeoTrust Primary Certification Authority - G2
+ Remove CN=VeriSign Universal Root Certification Authority
+ Turn off Websites trust bit for "Staat der Nederlanden Root CA - G3"
+ Turn off Websites trust bit for "Chambers of Commerce Root - 2008"
+ Turn off Websites trust bit for "Global Chambersign Root - 2008"
- New version (3.61).
- Certificate Authority Changes:
+ Add CN=NAVER Global Root Certification Authority
+ Remove CN=GeoTrust Global CA
+ Remove CN=GeoTrust Primary Certification Authority
+ Remove CN=GeoTrust Primary Certification Authority - G3
+ Remove CN=GeoTrust Universal CA
+ Remove CN=GeoTrust Universal CA 2
+ Remove CN=VeriSign Class 3 Public Primary Certification Authority - G4
+ Remove CN=VeriSign Class 3 Public Primary Certification Authority - G5
+ Remove CN=thawte Primary Root CA
+ Remove CN=thawte Primary Root CA - G2
+ Remove CN=thawte Primary Root CA - G3
- New version (3.59.1).
- New version (3.59).
- Backported fix for MBZ#1672703.
- New version (3.58).
- Security fixes:
+ CVE-2020-25648: Tighten CCS handling for middlebox compatibility mode - Certificate Authority Changes:
+ Add CN=Trustwave Global Certification Authority
+ Add CN=Trustwave Global ECC P256 Certification Authority
+ Add CN=Trustwave Global ECC P384 Certification Authority
+ Remove CN=EE Certification Centre Root CA
+ Remove O=Government Root Certification Authority; C=TW
+ Modify CN=OISTE WISeKey Global Root GA CA
- New version (3.56).
- New version (3.55).
- Security fixes:
+ CVE-2020-6829, CVE-2020-12400: Replace P384 and P521 with new, verifiable implementations from Fiat-Crypto and ECCKiila.
+ CVE-2020-12401: Remove unnecessary scalar padding.
+ CVE-2020-12403: Explicitly disable multi-part ChaCha20 (which was not functioning correctly) and more strictly enforce tag length.
- New version (3.54).
- Merge libnss and libnss-sysinit.
- Certificate Authority Changes:
+ Add CN = certSIGN Root CA G2
+ Add CN = e-Szigno Root CA 2017
+ Add CN = Microsoft ECC Root Certificate Authority 2017
+ Add CN = Microsoft RSA Root Certificate Authority 2017
+ Remove CN = AddTrust Class 1 CA Root
+ Remove CN = AddTrust External CA Root
+ Remove CN = LuxTrust Global Root 2
+ Remove CN = Staat der Nederlanden Root CA - G2
+ Remove CN = Symantec Class 2 Public Primary Certification Authority - G4
+ Remove CN = Symantec Class 1 Public Primary Certification Authority - G4
+ Remove CN = VeriSign Class 3 Public Primary Certification Authority - G3
- Enable an RFC3280 compliant certificate path validation library (ALT#38636).
- Fix build with nss headers and -Werror=strict-prototypes (ALT#38597).
- Enable NSS legacy DBM type (ALT#38590).
- New version (3.53).
- Security fixes:
+ CVE-2020-12399 - Force a fixed length for DSA exponentiation
- New version (3.52).
- Stop pulling in nss-pem automatically, packages that need it should depend on it.
- New version (3.51).
- New version (3.49.2).
- New version (3.49.1).
- Security fixes:
+ CVE-2019-17023: Additional HRR Tests - Certificate Authority Changes:
+ Add Entrust Root Certification Authority - G4 Cert
- New version (3.47.1).
- Security fixes:
+ CVE-2019-11745: EncryptUpdate should use maxout, not block size.
- New version (3.47).
- Update license tag.
- New version (3.46).
- Certificate Authority Changes:
+ Remove CN = Swisscom Root CA 2
+ Remove CN = Class 2 Primary CA
+ Remove CN = Class 2 Primary CA
+ Remove CN = Deutsche Telekom Root CA 2
- New version (3.45).
- New version (3.44).
- Use %_is_lp64 macro to determine if arch is 64-bit.
- New version (3.43).
- New version (3.42.1).
- New version (3.40.1).
- New version (3.40).
- New version (3.39).
- New version (3.38).
- New version (3.36.4).
- New version (3.36.1).
- New version (3.36).
- Fix the alteranatives file.
- Add the alteranatives file for libnssckbi.so.
- Add libnss-nssckbi-checkinstall subpackage.
- New version (3.34.1).
- Remove obsolete nss-alt-ssl-addon-certs.txt.
- New version (3.33).
- New version (3.32).
- New version (3.31).
- New version (3.30).
- New version (3.28.1).
- New version (3.27.1).
- New version (3.26).
- New version (3.24).
- New version (3.23).
- Add tstclnt and vfyserv (ALT#31803)
- Disable SSL2.
- New version (3.22.0).
- New version (3.20.2).
- New version (3.20.1).
- New version (3.19.2).
- New version (3.19.0).
- New version (3.18.0).
- New version (3.17.4).
- New version (3.17.2).
- New version (3.17.1).
- New version (3.16.2).
- New version (3.16.1).
- New version (3.15.4).
- New version (3.15.3).
- New version (3.15.2).
- New version (3.15.1).
- New version (3.14.3).
- New version (3.14.2).
- New version (3.14.1).
- New version (3.13.6).
- Update external patches.
- Protect against calls before nss_init (ALT#27300).
- New version (3.13.4).
- Fix "__GNUC_MINOR" is not defined (ALT#26809).
- New version (3.13.1).
- Better coverage for DigiNotarGate in NSS.
- Dis-trust DigiNotar root certificate.
- New version (3.12.11).
- Apply fedora patches.
- Rebuilt to enable proper debuginfo.
- New version (3.12.9).
- New version (3.12.8).
- Add libnss-sysinit subpackage.
- New cvs snapshot 3.12.7.0 20100601.
- New cvs snapshot 3.12.7.0 20100328.
- New cvs snapshot 3.12.6.0 20100218.
- New cvs snapshot 3.12.6.0 20100116.
- Change requires.
- Use system sqlite3 (again).
- New cvs snapshot 3.12.5.0 20091106.
- New cvs snapshot 3.12.5.0 20091101.
- New cvs snapshot 3.12.5.0 20090918.
- New cvs snapshot 3.12.5.0 20090831.
- New cvs snapshot 3.12.4.1 20090630.
- New cvs snapshot 3.12.4.1 20090601.
- New cvs snapshot 3.12.4 20090421.
- New cvs snapshot 3.12.3 20090305.
- Use mozsqlite3.
- New cvs snapshot 3.12.3 20081117.
- New cvs snapshot 3.12.1 20080628.
- New version (3.12.1 beta).
- New cvs snapshot 3.12 20080328.
- New cvs snapshot (3.12).
- New cvs snapshot (3.12).
- New version (3.12 beta).
- Build with system sqlite and zlib.
- New version (3.11.7).
- New version (3.11.4).
- Build without NSS_ECC_MORE_THAN_SUITE_B.
- Update ALT root CA.
- new version (3.11.3).
- large spec cleanup.
- build with new nspr-4.6.3.
- new version.
- new version.
- nss.pc was added.
- nss-config fixed.
- x86_64 flags fix.
- NMU.
- nss-config bugfix.
- crmf builtin inside libnss (patch #1).
- New package: nss-utils, libnss-devel-static .
- initial build for ALT Linux.