---
- branch: MAIN
  date: Fri Mar 22 15:50:34 UTC 2019
  files:
  - new: '1.163'
    old: '1.162'
    path: pkgsrc/devel/nss/Makefile
    pathrev: pkgsrc/devel/nss/Makefile@1.163
    type: modified
  - new: '1.94'
    old: '1.93'
    path: pkgsrc/devel/nss/distinfo
    pathrev: pkgsrc/devel/nss/distinfo@1.94
    type: modified
  id: 20190322T155034Z.56429a4d7d9c954c78099b680b4ebbb3761acdd6
  log: "Update to 3.43\n\nChangelog:\nNew Functionality:\n * in sechash.h\n    HASH_GetHashOidTagByHashType
    - convert type HASH_HashType to type\nSECOidTag\n\n * in sslexp.h\n    SSL_SendCertificateRequest
    - allow server to request post-handshake client\n    authentication. To use this
    both peers need to enable the\n    SSL_ENABLE_POST_HANDSHAKE_AUTH option. Note
    that while the mechanism is\n    present, post-handshake authentication is currently
    not TLS 1.3 compliant\n    due to Bug 1532312\n\nNotable changes:\n * The following
    CA certificates were Added:\n  - CN = emSign Root CA - G1\n    SHA-256 Fingerprint:\n40F6AF0346A99AA1CD1D555A4E9CCE62C7F9634603EE406615833DC8C8D00367\n\n
    \ - CN = emSign ECC Root CA - G3\n    SHA-256 Fingerprint:\n86A1ECBA089C4A8D3BBE2734C612BA341D813E043CF9E8A862CD5C57A36BBE6B\n\n
    \ - CN = emSign Root CA - C1\n    SHA-256 Fingerprint:\n125609AA301DA0A249B97A8239CB6A34216F44DCAC9F3954B14292F2E8C8608F\n\n
    \ - CN = emSign ECC Root CA - C3\n    SHA-256 Fingerprint:\nBC4D809B15189D78DB3E1D8CF4F9726A795DA1643CA5F1358E1DDB0EDC0D7EB3\n\n
    \ - CN = Hongkong Post Root CA 3\n    SHA-256 Fingerprint:\n5A2FC03F0C83B090BBFA40604B0988446C7636183DF9846E17101A447FB8EFD6\n\nBugs
    fixed in NSS 3.43\n * Bug 1528669 and Bug 1529308 - Improve Gyp build system handling\n\n
    * Bug 1529950 and Bug 1521174 - Improve NSS S/MIME tests for Thunderbird\n\n *
    Bug 1530134 - If Docker isn't installed, try running a local clang-format\n\t\t
    as a fallback\n\n * Bug 1531267 - Enable FIPS mode automatically if the system
    FIPS mode flag\n\t\t is set\n\n * Bug 1528262 - Add a -J option to the strsclnt
    command to specify sigschemes\n\n * Bug 1513909 - Add manual for nss-policy-check\n\n
    * Bug 1531074 - Fix a deref after a null check in SECKEY_SetPublicValue\n\n *
    Bug 1517714 - Properly handle ESNI with HRR\n\n * Bug 1529813 - Expose HKDF-Expand-Label
    with mechanism\n\n * Bug 1535122 - Align TLS 1.3 HKDF trace levels\n\n * Bug 1530102
    - Use getentropy on compatible versions of FreeBSD\n"
  module: pkgsrc
  subject: 'CVS commit: pkgsrc/devel/nss'
  unixtime: '1553269834'
  user: ryoon