ca_root_nss 3.13.4 security =99

The root certificate bundle from the Mozilla Project
Maintained by: gecko@FreeBSD.org
Port Added: 06 Jul 2007 21:39:01
License: not specified in port

---

---

Root certificates from certificate authorities included in the Mozilla
NSS library and thus in Firefox and Thunderbird.

This port directly tracks the version of NSS in the security/nss port.

CVSWeb : Sources : Distfiles Availability : PortsMon

---

NOTE: FreshPorts displays only required dependencies information. Optional dependencies are not covered.
Required To Build: lang/perl5.8

Required by:
for Build

net/glib-networking

for Run

devel/bazaar-ng ftp/curl mail/fetchmail mail/msmtp net/boinc-client net/glib-networking net/qt4-network www/midori

---

To install the port: cd /usr/ports/security/ca_root_nss/ && make install clean
To add the package: pkg_add -r ca_root_nss

---

Configuration Options

===> The following configuration options are available for ca_root_nss-3.13.4:
     ETCSYMLINK=off (default) "Add symlink to /etc/ssl/cert.pem"
===> Use 'make config' to modify these settings

---

Master Sites:

https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_13_4_RTM/src/

http://mirror3.mirrors.tds.net/pub/mozilla.org/security/nss/releases/NSS_3_13_4_RTM/src/

http://mozilla.isc.org/pub/mozilla.org/security/nss/releases/NSS_3_13_4_RTM/src/

http://releases.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_13_4_RTM/src/

http://kyoto-mz-dl.sinet.ad.jp/pub/mozilla.org/security/nss/releases/NSS_3_13_4_RTM/src/

http://jp-nii01.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_13_4_RTM/src/

http://jp-nii02.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_13_4_RTM/src/

http://mozilla.mtk.nao.ac.jp/pub/mozilla.org/security/nss/releases/NSS_3_13_4_RTM/src/

http://mirror.internode.on.net/pub/mozilla/security/nss/releases/NSS_3_13_4_RTM/src/

http://ftp.acc.umu.se/pub/mozilla.org/security/nss/releases/NSS_3_13_4_RTM/src/

http://mozilla.c3sl.ufpr.br/releases/security/nss/releases/NSS_3_13_4_RTM/src/

http://www.gtlib.cc.gatech.edu/pub/mozilla.org/security/nss/releases/NSS_3_13_4_RTM/src/

ftp://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_13_4_RTM/src/

ftp://ftp.fh-wolfenbuettel.de/pub/www/mozilla/security/nss/releases/NSS_3_13_4_RTM/src/

ftp://ftp.informatik.rwth-aachen.de/pub/mirror/ftp.mozilla.org/pub/security/nss/releases/NSS_3_13_4_RTM/src/

http://ring.nict.go.jp/archives/net/www/mozilla/security/nss/releases/NSS_3_13_4_RTM/src/

http://ftp.twaren.net/Unix/Mozilla/security/nss/releases/NSS_3_13_4_RTM/src/

ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/distfiles/

update to 3.13.4

Update to 3.13.3

Just overwrite the link if it still exists. That way we are sure that the link
points to the correct file and there is no reason trying to protect the link as
it would be deleted on deinstall anyway.

Suggested by:   dougb

make sure installation does not fail if for whatever reason the symlink in
/etc/ssl is still there on (re)install phase with ETCSYMLINK option set.

Submitted by:   mi

update to 3.13.2

- update to NSS_3_13_1_WITH_CKBI_1_88_RTM

update to CKBI version 1.88 which includes the latest mozilla cert data

now that gecko maintains security/nss also take this port into gecko custody

Discussed with: brooks @ EuroBSDCon 2011
Approved by:    brooks

Change extract program:
- Also work with HEAD (1.79) version of Mozilla's certdata.txt,
  reported by Daniel Stenberg.
- Add BSD 2-clause license.
- Die when certificates without trust block appear.

Forced commit to note:
VID: aa5bc971-d635-11e0-b3cf-080027ef73ec
VID: 1b27af46-d6f6-11e0-89a6-080027ef73ec

See to proper version tags in the bundle .pem file.

Security update: use newer Mozilla Builtin-Trust store
to revoke DigiNotar.nl trust.

Security fix: the modssl ca-bundle.pl script did not process
"untrusted" marks on certificates. Drop it and write a new
script in its place that does that.

Synch up with security/nss port to 3.12.11.

Not asking for maintainer approval because of multiple
timeouts in response to related PRs vs. security/[ca_root_]nss.

Increase the size and verbosity of the comment that the versions used in
this port should track security/nss and www/apache13-modssl.

No functional impact.

Chase nss revision and update to 3.12.9.

PR:             ports/154961
Submitted by:   Niclas Zeising

- fix file name ca-bundle.crt -> ca-root-nss.crt [1]
- Properly sub VERSION_NSS var [1]
- While here, update to 3.12.6 to sync with security/nss

PR:             ports/143584 [1]
Submitted by:   Kevin Kobb <kkobb@skylinecorp.com> [1]
Approved by:    maintainer timeout (brooks ; 209 days) [1]

Upgrade to 3.12.4.

PR:             ports/140609
Submitted by:   Tijl Coosemans <tijl at ulyssis dot org>

Add a comment documenting the fact that we track the versions of
security/nss and www/apach13-modssl.

PR:             ports/136093

o Fix port OPTION ETCSYMLINK which was not creating the proper link.
  Instead of pointing to the crt file, it was pointing to the directory.
o Bump PORTREVISION

PR:             ports/121782
Submitted by:   lioux
Point hat to:   brooks

Add an option (defaulting to off since messing with files outside PREFIX is
to be avoided) to link the installed certificate bundle to /etc/ssh/cert.pem

Add text to pkg-descr:

This port directly tracks the version of NSS in the security/nss port.

Chase nss version to 3.11.9 and modssl to 2.8.31-1.3.41.  This
includes the changes:

Bug 411299, Add Identrust, Truktrust, SwissSign Roots
Bug 229335, Remove certificates that expired in August 2004 from tree

Update to NSS 3.11.7 to match security/nss.

8 new root certiticates added.

Add ca_root_nss:

Root certificates from certificate authorities included in the Mozilla
NSS library and thus in Firefox and Thunderbird.

12 vulnerabilities affecting 17 ports have been reported in the past 14 days

^* - modified, not new

All vulnerabilities