Linux @ CERN

CERN > IT > Linux

"SLC6X: system environment/daemons: mod_nss

mod_nss - SSL/TLS module for the Apache HTTP server

Website: https://fedorahosted.org/mod_nss/
License: ASL 2.0
Vendor: Scientific Linux CERN, http://cern.ch/linux
Description:
The mod_nss module provides strong cryptography for the Apache Web
server via the Secure Sockets Layer (SSL) and Transport Layer
Security (TLS) protocols using the Network Security Services (NSS)
security library.

Packages

mod_nss-1.0.10-9.el6.i686 [95 KiB] Changelog by Matthew Harmsen (2016-11-07):
- Backported patch from Rob Crittenden
- Bugzilla Bug #1390359 - foward port NSS OCSP cache settings (rcritten)
mod_nss-1.0.10-6.el6.i686 [93 KiB] Changelog by Matthew Harmsen (2016-02-25):
- Resolves: rhbz #1312052 - NSSProtocol is ignored when NSSFIPS is enabled.
mod_nss-1.0.10-2.el6_7.i686 [89 KiB] Changelog by Matthew Harmsen (2016-04-01):
- Resolves: rhbz #1322304 - NSSProtocol is ignored when NSSFIPS is enabled.
mod_nss-1.0.10-1.el6.i686 [88 KiB] Changelog by Matthew Harmsen (2015-01-22):
- Resolves: rhbz #1166316 - Rebase mod_nss to 1.0.10 to support TLSv1.2
mod_nss-1.0.8-21.el6.i686 [85 KiB] Changelog by Matthew Harmsen (2014-06-05):
- Bumped version build/runtime requirements for 'nspr' and 'nss'
- Added runtime dependency for 'nss-softokn'
- Bugzilla Bug #1002733 - Apache core generated with sig 5
- Bugzilla Bug #1016628 - mod_nss httpd segfaulting regularly
- Bugzilla Bug #866703 - Memory error in mod_nss (eol_memmove.patch)
mod_nss-1.0.8-19.el6_5.i686 [84 KiB] Changelog by Rob Crittenden (2013-11-15):
- Resolves: CVE-2013-4566
- Bugzilla Bug #1030265 - mod_nss: incorrect handling of NSSVerifyClient in
  directory context [rhel-6.5.z]
mod_nss-1.0.8-18.el6.i686 [85 KiB] Changelog by Matthew Harmsen (2012-10-23):
- Fixes Bugzilla Bug #835071 - [RFE] Support ability to share mod_proxy with
  other SSL providers (w/jorton, nkinder, & rcritten)
mod_nss-1.0.8-15.el6.i686 [83 KiB] Changelog by Rob Crittenden (2012-02-29):
- Fixes Bugzilla Bug #749408 - PK11_ListCerts called to retrieve all user
  certificates for every server (mod_nss-PK11_ListCerts.patch)
- Fixes Bugzilla Bug #749409 - Add '--enable-ecc' option to '
  CFLAGS="${CFLAGS:--O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m32 -march=i686 -mtune=atom -fasynchronous-unwind-tables}" ; export CFLAGS ; 
  CXXFLAGS="${CXXFLAGS:--O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m32 -march=i686 -mtune=atom -fasynchronous-unwind-tables}" ; export CXXFLAGS ; 
  FFLAGS="${FFLAGS:--O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m32 -march=i686 -mtune=atom -fasynchronous-unwind-tables -I/usr/lib/gfortran/modules}" ; export FFLAGS ; 
  ./configure --build=i386-koji-linux-gnu --host=i386-koji-linux-gnu \
	--target=i686-redhat-linux-gnu \
	--program-prefix= \
	--prefix=/usr \
	--exec-prefix=/usr \
	--bindir=/usr/bin \
	--sbindir=/usr/sbin \
	--sysconfdir=/etc \
	--datadir=/usr/share \
	--includedir=/usr/include \
	--libdir=/usr/lib \
	--libexecdir=/usr/libexec \
	--localstatedir=/var \
	--sharedstatedir=/var/lib \
	--mandir=/usr/share/man \
	--infodir=/usr/share/info'
  line under '%build
LANG=C
export LANG
unset DISPLAY
' section of RHEL 6 spec file
mod_nss-1.0.8-14.el6_2.i686 [81 KiB] Changelog by Robert Relyea (2012-02-29):
- Fix 'Bugzilla Bug #797358 - mod_nss fails debug assertion' by removing
  'mod_nss-no_shutdown_if_not_init.patch' and applying
  'mod_nss-no_shutdown_if_not_init_2.patch' instead
- The 'mod_nss-no_shutdown_if_not_init_2.patch' patch also fixes
  Bugzilla Bug #797326 - File descriptor leak after "service httpd reload"
  or httpd doesn't reload
mod_nss-1.0.8-13.el6.i686 [81 KiB] Changelog by Rob Crittenden (2011-08-01):
- Fix array overrun when launching nss_pcache (#714154)
- For FakeBasicAuth retrieve the entire subject, not just CN. Prefix this
  with "/" to be compatible with OpenSSL.
  Always retrieve the client certificate, not just on the first request
  it is needed. (#702437)
- Don't try to shut down NSS if it wasn't initialized. (#691502)
mod_nss-1.0.8-12.el6.i686 [81 KiB] Changelog by Rob Crittenden (2011-03-09):
- Use memmove in place of memcpy since the buffers can overlap (#682326)

Listing created by repoview