-
Fri May 05 2017 Kai Engert <kaie@redhat.com> - 3.28.4-8
- Include CKBI 2.14 and updated CA constraints from NSS 3.28.5
-
Fri May 05 2017 Daiki Ueno <dueno@redhat.com> - 3.28.4-7
- Update nss-pk12util.patch to include fix from mozbz#1353724.
-
Wed May 03 2017 Daiki Ueno <dueno@redhat.com> - 3.28.4-6
- Update nss-alert-handler.patch with the upstream fix from mozbz#1360207.
-
Fri Apr 28 2017 Daiki Ueno <dueno@redhat.com> - 3.28.4-5
- Fix zero-length record treatment for stream ciphers and SSLv2
-
Thu Apr 27 2017 Daiki Ueno <dueno@redhat.com> - 3.28.4-4
- Correctly set policy file location when building
-
Wed Apr 26 2017 Daiki Ueno <dueno@redhat.com> - 3.28.4-3
- Reorder ChaCha20-Poly1305 cipher suites, as suggested in:
https://bugzilla.redhat.com/show_bug.cgi?id=1373158#c9
-
Thu Apr 20 2017 Daiki Ueno <dueno@redhat.com> - 3.28.4-2
- Rebase to NSS 3.28.4
- Update nss-pk12util.patch with backport of mozbz#1353325
-
Thu Mar 16 2017 Daiki Ueno <dueno@redhat.com> - 3.28.3-5
- Switch default hash algorithm used by tools from SHA-1 to SHA-256
- Avoid race condition in nssSlot_IsTokenPresent()
- Enable SHA-2 and AES in pk12util
- Disable RSA-PSS for now
-
Fri Mar 10 2017 Daiki Ueno <dueno@redhat.com> - 3.28.3-4
- Utilize CKA_NSS_MOZILLA_CA_POLICY attribute, patch by Kai Engert
- Backport changes adding SSL alert callbacks from upstream
- Add nss-check-policy-file.patch from Fedora
- Install policy config in /etc/pki/nss-legacy/nss-rhel7.config
-
Mon Mar 06 2017 Daiki Ueno <dueno@redhat.com> - 3.28.3-3
- Make sure 32bit nss-pem always be installed with 32bit nss in
multlib environment, patch by Kamil Dudka
- Enable new algorithms supported by the new nss-softokn