Revisions of apache2-mod_nss
Dominique Leuenberger (dimstar_suse)
accepted
request 339934
from
Vítězslav Čížek (vitezslav_cizek)
(revision 16)
1
Dominique Leuenberger (dimstar_suse)
accepted
request 307757
from
Kristyna Streitova (kstreitova)
(revision 14)
1
Dominique Leuenberger (dimstar_suse)
accepted
request 294910
from
Kristyna Streitova (kstreitova)
(revision 12)
1
Dominique Leuenberger (dimstar_suse)
accepted
request 289610
from
Cristian Rodríguez (elvigia)
(revision 11)
1
Adrian Schröter (adrianSuSE)
committed
(revision 8)
Split 13.2 from Factory
Stephan Kulow (coolo)
accepted
request 223307
from
Wolfgang Rosenauer (wrosenauer)
(revision 5)
- mod_nss-cipherlist_update_for_tls12-doc.diff mod_nss-cipherlist_update_for_tls12.diff GCM mode and Camellia ciphers added to the supported ciphers list. The additional ciphers are: rsa_aes_128_gcm_sha == TLS_RSA_WITH_AES_128_GCM_SHA256 rsa_camellia_128_sha == TLS_RSA_WITH_CAMELLIA_128_CBC_SHA rsa_camellia_256_sha == TLS_RSA_WITH_CAMELLIA_256_CBC_SHA ecdh_ecdsa_aes_128_gcm_sha == TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 ecdhe_ecdsa_aes_128_gcm_sha == TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 ecdh_rsa_aes_128_gcm_sha == TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 ecdhe_rsa_aes_128_gcm_sha == TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 [bnc#863035] - mod_nss-CVE-2013-4566-NSSVerifyClient.diff fixes CVE-2013-4566: If 'NSSVerifyClient none' is set in the server / vhost context (i.e. when server is configured to not request or require client certificate authentication on the initial connection), and client certificate authentication is expected to be required for a specific directory via 'NSSVerifyClient require' setting, mod_nss fails to properly require certificate authentication. Remote attacker can use this to access content of the restricted directories. [bnc#853039] - glue documentation added to /etc/apache2/conf.d/mod_nss.conf: * simultaneaous usage of mod_ssl and mod_nss * SNI concurrency * SUSE framework for apache configuration, Listen directive * module initialization - mod_nss-conf.patch obsoleted by scratch-version of nss.conf.in or mod_nss.conf, respectively. This also leads to the removal of (forwarded request 222758 from wrosenauer)
Adrian Schröter (adrianSuSE)
committed
(revision 4)
Split 13.1 from Factory
Stephan Kulow (coolo)
accepted
request 186068
from
Wolfgang Rosenauer (wrosenauer)
(revision 3)
- mod_nss-tlsv1_1.patch: nss.conf.in missed for TLSv1.2 default. - mod_nss-clientauth.patch: merged from RHEL6 pkg - mod_nss-PK11_ListCerts_2.patch: merged from RHEL6 pkg - mod_nss-no_shutdown_if_not_init_2.patch: merged from RHEL6 pkg - mod_nss-sslmultiproxy.patch: merged from RHEL6 pkg - make it build on both Apache2 2.4 and 2.2 systems (forwarded request 186032 from msmeissn)
Stephan Kulow (coolo)
accepted
request 185517
from
Wolfgang Rosenauer (wrosenauer)
(revision 2)
- Add support for TLS v1.1 and TLS v1.2 (TLS v1.2 requires mozilla nss 3.15.1 or newer.) - merged in mod_nss-proxyvariables.patch and mod_nss-tlsv1_1.patch from redhat to allow tls v1.1 too. - ported the tls v1.1 patch to be tls v1.2 aware - added mod_nss-proxyvariables.patch (from RHEL6 package) - added mod_nss-tlsv1_1.patch (from RHEL6 package, enhanced with TLS 1.2) - mod_nss-array_overrun.patch: from RHEL6 package, fixed a array index overrun (forwarded request 185495 from msmeissn)
Displaying revisions 21 - 36 of 36