- Since the update to NSS 3.35, the default NSS certificate
  database format changed from Berkley DB to SQLite
- use %license tag

- Update to 1.0.15
  * Try to auto-detect the NSS database format if not specified
  * Update nss_pcache.8 man page to drop directory and prefix
  * When a token is configured in password file only authenticate once
  * Return an error when NSSPassPhraseDialog is invalid
  * Move 3DES ciphers down from HIGH to MEDIUM to match OpenSSL 1.0.2k+
  * Add -Werror=implicit-function-declaration to CFLAGS
  * Handle group membership when testing for file permissions
  * NSS system-wide policy now disables SSLv3, don't use it in tests
  * Add missing error messages for libssl errors
  * Fix doc typo in SSL_[SERVER|CLIENT]_SAN_IPaddr env variable name
  * When including additional test config use specific extension
  * Fix the TLS Session ID cache
  * Make an invalid protocol setting fatal
  * Don't use same NSS db in nss_pcache as mod_nss, use NSS_NoDB_Init()
  * Add info log message when FIPS is enabled
      * Add AES-256 and drop DES, CAST128, SKIPJACK as wrapping key types
  * Fix removal of CR from PEM certificates
  * Add OCSP caching and timeout tuning knobs
  * Check the NSS database directory permissions as well as the files
    inside it for read access on startup.
  * Add in simple aliases for ciphers to fix those that
    don't follow the pattern (dhe_rsa_aes_128_sha256,
    dhe_rsa_aes_256_sha256) and those with typos
    (camelia_128_sha, camelia_256_sha)
  * Fix semaphore leak (forwarded request 584463 from vitezslav_cizek)

• Files Changed
• Browse Source