update for MozillaFirefox
Description:
This is also a mozilla-nss update to version 3.16:
* required for Firefox 29
* bmo#903885 - (CVE-2014-1492) In a wildcard certificate,
the wildcard character should not be embedded within
the U-label of an internationalized domain name. See
the last bullet point in RFC 6125, Section 7.2.
* Supports the Linux x32 ABI. To build for the Linux x32
target, set the environment variable USE_X32=1 when
building NSS. New Functions:
* NSS_CMSSignerInfo_Verify New Macros
* TLS_RSA_WITH_RC4_128_SHA,
TLS_RSA_WITH_3DES_EDE_CBC_SHA, etc., cipher suites that
were first defined in SSL 3.0 can now be referred to
with their official IANA names in TLS, with the TLS_
prefix. Previously, they had to be referred to with
their names in SSL 3.0, with the SSL_ prefix. Notable
Changes:
* ECC is enabled by default. It is no longer necessary to
set the environment variable NSS_ENABLE_ECC=1 when
building NSS. To disable ECC, set the environment
variable NSS_DISABLE_ECC=1 when building NSS.
* libpkix should not include the common name of CA as DNS
names when evaluating name constraints.
* AESKeyWrap_Decrypt should not return SECSuccess for
invalid keys.
* Fix a memory corruption in sec_pkcs12_new_asafe.
* If the NSS_SDB_USE_CACHE environment variable is set,
skip the runtime test sdb_measureAccess.
* The built-in roots module has been updated to version
1.97, which adds, removes, and distrusts several
certificates.
* The atob utility has been improved to automatically
ignore lines of text that aren't in base64 format.
* The certutil utility has been improved to support
creation of version 1 and version 2 certificates, in
addition to the existing version 3 support.
Bump PKGREVISION.
f9f8b72048