]> code.ossystems Code Review - openembedded-core.git/commit
Code Review / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: bab2ca4) | patch
nss: update to 3.41
authorArmin Kuster <akuster808@gmail.com>
Wed, 2 Jan 2019 16:36:13 +0000 (08:36 -0800)
committerRichard Purdie <richard.purdie@linuxfoundation.org>
Thu, 3 Jan 2019 12:46:16 +0000 (12:46 +0000)
commitba32981e6d499f21fbe6d8ba89162aaffb2cdcfc
treeed927391a5032db7c54fe5834b6e27b41ee1835ctree | snapshot
parentbab2ca409384b76ca793168e0d0e0ba51a8c60f8commit | diff
nss: update to 3.41

Bug fix only update.

    Bug 1252891 - Implemented EKU handling for IPsec IKE.
    Bug 1423043 - Enable half-closed states for TLS.
    Bug 1493215 - Enabled the following ciphersuites by default:
        TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
        TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
        TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
        TLS_RSA_WITH_AES_256_GCM_SHA384

    Bug 1412829, Reject empty supported_signature_algorithms in Certificate Request in TLS 1.2
    Bug 1485864 - Cache side-channel variant of the Bleichenbacher attack (CVE-2018-12404)
    Bug 1481271 - Resend the same ticket in ClientHello after HelloRetryRequest
    Bug 1493769 - Set session_id for external resumption tokens
    Bug 1507179 - Reject CCS after handshake is complete in TLS 1.3

Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
meta/recipes-support/nss/nss_3.41.bb [moved from meta/recipes-support/nss/nss_3.40.bb with 98% similarity] diff | blob | history
Mirror of the official openembedded-core repository