Rebase package(s) to version: nss-3.15.2
Highlights, important fixes, or notable enhancements:
A security-relevant bug has been resolved in NSS 3.15.2. (CVE-2013-1739) Avoid uninitialized data read in the event of a decryption failure. Upstream URL:
MD2, MD4, and MD5 signatures are no longer accepted for OCSP or CRLs, consistent with their handling for general certificate signatures.
AES-GCM Ciphersuites: AES-GCM cipher suite (RFC 5288 and RFC 5289) support has been added when TLS 1.2 is negotiated. Specifically, the following cipher suites are now supported: