Request 669997: Submit mozilla-nss - openSUSE Build Service

Overview

Request 669997 accepted

- update to NSS 3.41.1
* (3.41) required by Firefox 65.0
New functionality
* Implemented EKU handling for IPsec IKE. (bmo#1252891)
* Enable half-closed states for TLS. (bmo#1423043)
* Enabled the following ciphersuites by default: (bmo#1493215)
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
TLS_RSA_WITH_AES_256_GCM_SHA384
Notable changes
* The following CA certificates were added:
CN = Certigna Root CA
CN = GTS Root R1
CN = GTS Root R2
CN = GTS Root R3
CN = GTS Root R4
CN = UCA Global G2 Root
CN = UCA Extended Validation Root
* The following CA certificates were removed:
CN = AC Raíz Certicámara S.A.
CN = Certplus Root CA G1
CN = Certplus Root CA G2
CN = OpenTrust Root CA G1
CN = OpenTrust Root CA G2
CN = OpenTrust Root CA G3
Bugs fixed
* Reject empty supported_signature_algorithms in Certificate
Request in TLS 1.2 (bmo#1412829)
* Cache side-channel variant of the Bleichenbacher attack (bmo#1485864)

Created by wrosenauer over 5 years ago
In state accepted

Submit mozilla-nss

Comments for request 669997 0

Login required, please login in order to comment

Request History

wrosenauer created request over 5 years ago

- update to NSS 3.41.1
* (3.41) required by Firefox 65.0
New functionality
* Implemented EKU handling for IPsec IKE. (bmo#1252891)
* Enable half-closed states for TLS. (bmo#1423043)
* Enabled the following ciphersuites by default: (bmo#1493215)
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
TLS_RSA_WITH_AES_256_GCM_SHA384
Notable changes
* The following CA certificates were added:
CN = Certigna Root CA
CN = GTS Root R1
CN = GTS Root R2
CN = GTS Root R3
CN = GTS Root R4
CN = UCA Global G2 Root
CN = UCA Extended Validation Root
* The following CA certificates were removed:
CN = AC Raíz Certicámara S.A.
CN = Certplus Root CA G1
CN = Certplus Root CA G2
CN = OpenTrust Root CA G1
CN = OpenTrust Root CA G2
CN = OpenTrust Root CA G3
Bugs fixed
* Reject empty supported_signature_algorithms in Certificate
Request in TLS 1.2 (bmo#1412829)
* Cache side-channel variant of the Bleichenbacher attack (bmo#1485864)

licensedigger accepted review over 5 years ago

ok

factory-auto added opensuse-review-team as a reviewer over 5 years ago

Please review sources

factory-auto added repo-checker as a reviewer over 5 years ago

Please review build success

factory-auto accepted review over 5 years ago

Check script succeeded

jengelh accepted review over 5 years ago

dimstar_suse set openSUSE:Factory:Staging:H as a staging project over 5 years ago

Being evaluated by staging project "openSUSE:Factory:Staging:H"

dimstar_suse accepted review over 5 years ago

Picked openSUSE:Factory:Staging:H

repo-checker accepted review over 5 years ago

cycle and install check passed

coolo accepted review over 5 years ago

ready to accept

coolo approved review over 5 years ago

ready to accept

coolo accepted request over 5 years ago

Accept to openSUSE:Factory

openSUSE Build Service is sponsored by