nss/sources
Bob Relyea c9c633332d Resolves: rhbz#2008320
Rebase to NSS 3.71: (changes since NSS 3.67)

    Network Security Services (NSS) 3.71 was released on 30 September 2021.

    The HG tag is NSS_3_71_RTM. This version of NSS requires NSPR 4.32 or newer.

    NSS 3.71 source distributions are available on ftp.mozilla.org for secure HTTPS download: <https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_71_RTM/src/>

    Changes:
    - Bug 1717716 - Set nssckbi version number to 2.52.
    - Bug 1667000 - Respect server requirements of tlsfuzzer/test-tls13-signature-algorithms.py
    - Bug 1373716 - Import of PKCS#12 files with Camellia encryption is not supported
    - Bug 1717707 - Add HARICA Client ECC Root CA 2021.
    - Bug 1717707 - Add HARICA Client RSA Root CA 2021.
    - Bug 1717707 - Add HARICA TLS ECC Root CA 2021.
    - Bug 1717707 - Add HARICA TLS RSA Root CA 2021.
    - Bug 1728394 - Add TunTrust Root CA certificate to NSS.
    -------------------------------------

    Network Security Services (NSS) 3.70 was released on 4 September 2021.

    The HG tag is NSS_3_70_RTM. This version of NSS requires NSPR 4.32 or newer.

    NSS 3.70 source distributions are available on ftp.mozilla.org for secure HTTPS download: <https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_70_RTM/src/>

    Changes:
       - Documentation: release notes for NSS 3.70.
       - Documentation: release notes for NSS 3.69.1.
       - Bug 1726022 - Update test case to verify fix.
       - Bug 1714579 - Explicitly disable downgrade check in TlsConnectStreamTls13.EchOuterWith12Max
       - Bug 1714579 - Explicitly disable downgrade check in TlsConnectTest.DisableFalseStartOnFallback
       - Formatting for lib/util
       - Bug 1681975 - Avoid using a lookup table in nssb64d.
       - Bug 1724629 - Use HW accelerated SHA2 on AArch64 Big Endian.
       - Bug 1714579 - Change default value of enableHelloDowngradeCheck to true.
       - Formatting for gtests/pk11_gtest/pk11_hpke_unittest.cc
       - Bug 1726022 - Cache additional PBE entries.
       - Bug 1709750 - Read HPKE vectors from official JSON.
       - Documentation: update for NSS 3.69 release.

    Network Security Services (NSS) 3.69 was released on 5 August 2021.

    The HG tag is NSS_3_69_RTM. NSS 3.69 requires NSPR 4.32 or newer.

    NSS 3.69 source distributions are available on ftp.mozilla.org for secure HTTPS download: <https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_69_RTM/src/>

    Bugs fixed:
       - Bug 1722613 - Disable DTLS 1.0 and 1.1 by default
       - Bug 1720226 - integrity checks in key4.db not happening on private components with AES_CBC
       - Bug 1720235 - SSL handling of signature algorithms ignores environmental invalid algorithms.
       - Bug 1721476 - sqlite 3.34 changed it's open semantics, causing nss failures.
       - Bug 1720230 - Gtest update changed the gtest reports, losing gtest details in all.sh reports.
       - Bug 1720228 - NSS incorrectly accepting 1536 bit DH primes in FIPS mode
       - Bug 1720232 - SQLite calls could timeout in starvation situations.
       - Bug 1720225 - Coverity/cpp scanner errors found in nss 3.67
       - Bug 1709817 - Import the NSS documentation from MDN in nss/doc.
       - Bug 1720227 - NSS using a tempdir to measure sql performance not active

    Network Security Services (NSS) 3.68 ESR was released on 8 July 2021.

    The HG tag is NSS_3_68_RTM. NSS 3.68 requires NSPR 4.32 or newer.

    NSS 3.68 source distributions are available on ftp.mozilla.org for secure HTTPS download: <https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_68_RTM/src/>

    Bugs fixed:
       -  Bug 1713562 - Fix test leak.
       -  Bug 1717452 - NSS 3.68 should depend on NSPR 4.32.
       -  Bug 1693206 - Implement PKCS8 export of ECDSA keys.
       -  Bug 1712883 - DTLS 1.3 draft-43.
       -  Bug 1655493 - Support SHA2 HW acceleration using Intel SHA Extension.
       -  Bug 1713562 - Validate ECH public names.
       -  Bug 1717610 - Add function to get seconds from epoch from pkix::Time.
2021-10-06 12:09:11 -07:00

8 lines
1.1 KiB
Plaintext

SHA512 (blank-cert8.db) = ac131d15708c5f1b5e467831f919f4fc4ba13b60a4bb5fe260c845fa9afcd899a588d21ed52060abaa1bbb29f2b53af8b495d28407183cb03aff1974f95f1d3d
SHA512 (blank-cert9.db) = 2f8eab4c0612210ee47db8a3a80c1b58a0b43849551af78c7da403fda3e3d4e7757838061ae56ccf5aac335cb54f254f0a9e6e9c0dd5920b4155a39264525b06
SHA512 (blank-key3.db) = 01f7314e9fc8a7c9aa997652624cfcde213d18a6b3bb31840c1a60bbd662e56b5bc3221d13874abb42ce78163b225a6dfce2e1326cf6dd29366ad9c28ba5a71c
SHA512 (blank-key4.db) = 8fedae93af7163da23fe9492ea8e785a44c291604fa98e58438448efb69c85d3253fc22b926d5c3209c62e58a86038fd4d78a1c4c068bc00600a7f3e5382ebe7
SHA512 (blank-secmod.db) = 06a2dbd861839ef6315093459328b500d3832333a34b30e6fac4a2503af337f014a4d319f0f93322409e719142904ce8bc08252ae9a4f37f30d4c3312e900310
SHA512 (nspr-4.32.tar.gz) = da9b65b374783d20a2e589211b411816d899e296e91175d376e59df1919144c1808c155a234d6ceefdf7b8ae8f47cec98d92a5aa3150a579513251860e50dcb7
SHA512 (nss-3.71.tar.gz) = a4a724dc4e8677965b6245ea2309790d31ec7719658e2b349eb67c9008082132c76277340d15e4fdd8d2fe1f560ae6803fb038d023c3dfd2e3772fa3b77720e2