ELSA-2019-1951

Описание

nspr [4.21.0-2]

• Rebuild

[4.21.0-1]

• Update to NSPR 4.21

nss [3.44.0-7]

• Backport fixes from 3.44.1

[3.44.0-6]

• Add continuous RNG test required by FIPS
• fipstest: use CKM_TLS12_MASTER_KEY_DERIVE instead of vendor specific mechanism

[3.44.0-5]

• Rebuild with the correct build target

[3.44.0-4.1]

• rebuild to try to retrigger CI tests

[3.44.0-4]

• Fix certutil man page
• Fix extracting a public key from a private key for dh, ec, and dsa

[3.44.0-3]

• Disable TLS 1.3 under FIPS mode
• Disable RSASSA-PKCS1-v1_5 in TLS 1.3
• Fix post-handshake auth transcript calculation if SSL_ENABLE_SESSION_TICKETS is set
• Revert the change to use XDG basedirs (mozilla#818686)

[3.44.0-2]

• Add ike mechanisms in softokn
• Add FIPS checks in softoken

[3.44.0-1]

• Update to NSS 3.44
• Define NSS_SEED_ONLY_DEV_URANDOM=1 to exclusively use getentropy
• Use %autosetup
• Clean up manual pages generation
• Clean up %check
• Remove prelink dependency, which is not available in RHEL-8
• Remove upstreamed patches