git: aa43592e856b - main - security/ca_root_nss: Update to 3.83
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Fri, 16 Sep 2022 10:58:32 UTC
The branch main has been updated by joneum:
URL: https://cgit.FreeBSD.org/ports/commit/?id=aa43592e856baaa1da52bfe6a853dea81e231912
commit aa43592e856baaa1da52bfe6a853dea81e231912
Author: Jochen Neumeister <joneum@FreeBSD.org>
AuthorDate: 2022-09-16 10:56:30 +0000
Commit: Jochen Neumeister <joneum@FreeBSD.org>
CommitDate: 2022-09-16 10:58:25 +0000
security/ca_root_nss: Update to 3.83
Changelog:
Network Security Services (NSS) 3.83 was released on 15 September 2022.
The HG tag is NSS_3_83_RTM. This version of NSS requires NSPR 4.34.1 or
newer.
Changes:
- Bug 1788875 - Remove set-but-unused variables from
SEC_PKCS12DecoderValidateBags
- Bug 1563221 - remove older oses that are unused part3/ BeOS
- Bug 1563221 - remove older unix support in NSS part 3 Irix
- Bug 1563221 - remove support for older unix in NSS part 2 DGUX
- Bug 1563221 - remove support for older unix in NSS part 1 OSF
- Bug 1778413 - Set nssckbi version number to 2.58
- Bug 1785297 - Add two SECOM root certificates to NSS
- Bug 1787075 - Add two DigitalSign root certificates to NSS
- Bug 1778412 - Remove Camerfirma Global Chambersign Root from NSS
- Bug 1771100 - Added bug reference and description to disabled
UnsolicitedServerNameAck bogo ECH test
- Bug 1779361 - Removed skipping of ECH on equality of private and
public server name
- Bug 1779357 - Added comment and bug reference to
ECHRandomHRRExtension bogo test
- Bug 1779370 - Added Bogo shim client HRR test support. Fixed
overwriting of CHInner.random on HRR
- Bug 1779234 - Added check for server only sending ECH extension
with retry configs in EncryptedExtensions and if not
accepting ECH. Changed config setting behavior to
skip configs with unsupported mandatory extensions
instead of failing
- Bug 1771100 - Added ECH client support to BoGo shim. Changed
CHInner creation to skip TLS 1.2 only extensions to
comply with BoGo
- Bug 1771100 - Added ECH server support to BoGo shim. Fixed NSS ECH
server accept_confirmation bugs
- Bug 1771100 - Update BoGo tests to recent BoringSSL version
- Bug 1785846 - Bump minimum NSPR version to 4.34.1
NSS 3.83 shared libraries are backwards-compatible with all older NSS
3.x shared libraries. A program linked with older NSS 3.x shared
libraries will work with this new version of the shared libraries
without recompiling or relinking. Furthermore, applications that
restrict their use of NSS APIs to the functions listed in NSS Public
Functions will remain compatible with future versions of the NSS
shared libraries.
Sponsored by: Netzkommune GmbH
---
security/ca_root_nss/Makefile | 2 +-
security/ca_root_nss/distinfo | 6 +++---
2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/security/ca_root_nss/Makefile b/security/ca_root_nss/Makefile
index 0c997a60a338..cfde4021d1fa 100644
--- a/security/ca_root_nss/Makefile
+++ b/security/ca_root_nss/Makefile
@@ -28,7 +28,7 @@ ETCSYMLINK_CONFLICTS_INSTALL= ca-roots-[0-9]*
CERTDIR?= share/certs
PLIST_SUB+= CERTDIR=${CERTDIR}
-VERSION_NSS= 3.82
+VERSION_NSS= 3.83
CERTDATA_TXT_PATH= lib/ckfw/builtins/certdata.txt
BUNDLE_PROCESSOR= MAca-bundle.pl
diff --git a/security/ca_root_nss/distinfo b/security/ca_root_nss/distinfo
index fdfc2f25b785..221d5d356f36 100644
--- a/security/ca_root_nss/distinfo
+++ b/security/ca_root_nss/distinfo
@@ -1,3 +1,3 @@
-TIMESTAMP = 1663230185
-SHA256 (nss-3.82.tar.gz) = 32bf673b72c2f9953ed3b4c7033abf5a6cad302854a24ae588c575a6567c1573
-SIZE (nss-3.82.tar.gz) = 84708994
+TIMESTAMP = 1663323124
+SHA256 (nss-3.83.tar.gz) = ab23ea67f964090b8b73c80a674082571c36e5f4eba92057ac648c9c1def0128
+SIZE (nss-3.83.tar.gz) = 84844191