1.84.1. RHBA-2011:0049: bug fix update
An updated mod_nss package that fixes various bugs is now available.
This updated mod_nss package includes fixes for the following bugs:
* Some hardware readers did not work because mod_nss initialized NSS and only then forked its child listeners. This process was not compliant with the PKCS#11 specification of public-key cryptography standards (PKCS). With this update, mod_nss initializes NSS after Apache HTTP Server forks as it is defined in the PKCS specification. ( BZ#498542
* The httpd daemon failed to start if Apache HTTP Server loaded the mod_nss module without the mod_nss configuration. With this update, the httpd daemon starts as expected. ( BZ#513367
* During mod_nss installation the following message appeared:
mod_nss certificate database generated.
With this update, the message no longer appears. ( BZ#529164
* The httpd daemon terminated unexpectedly if the stored token password did not match the database password. With this update, the problem no longer occurs. ( BZ#588858
* Large POST request caused the mod_nss module to get into an infinite loop. This update fixes the problem and the loop no longer occurs. ( BZ#634685
* Server experienced performance issues when starting up. The server searched for the certificates for every configured virtual server. With this update, a server pulls the list of certificates and caches the list. ( BZ#635324
All users of mod_nss are advised to upgrade to this updated package, which resolves these issues.