I have updated nss in Rawhide to the upstream tag NSS_3_13_4_BETA1. The list of bugs fixed on 3.12.4 can be found at https://bugzilla.mozilla.org/show_bug.cgi?id=741135 Please see on this list to if there is anything of concern to products you use or maintain. Some highlists: The primary driver for this release is the regression SSL step-up EKU OID no longer treated as SSL Server type https://bugzilla.mozilla.org/show_bug.cgi?id=737802 Of particulat interest to Openswan is "CKM_DH_DERIVE does not respect VALUE_LEN if VALUE_LEN is greater than the unpadded generated key" https://bugzilla.mozilla.org/show_bug.cgi?id=723740 That provides a real fix to the problems reprted by Openswan. Previous workaround isno longer needed. Thank you, Elio -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
