CLSA-2024-1734368297 gnutls: Fix of 3 CVEs

Keep the broken pkcs11 tests disabled. - Added CVE-2024-0567 PoC test. - CVE-2023-5981-pre1: improve level of randomness for each operations, always use gnutlsswitchlibstate for pk wrappers. - CVE-2023-5981-pre2: add constant time/cache operations to prevent or minimaze timining or cache side...

nss security update

3.36.0-9.0.1 - Added nss-vendor.patch to change vendor - Temporarily disable some tests until expired PayPalEE.cert is renewed 3.36.0-9 - Backport upstream fix for CVE-2018-12384 - Remove nss-lockcert-api-change.patch, which turned out to be a mistake the symbol was not exported from libnss...

nss security and bug fix update

3.28.4-3.0.1 - Added nss-vendor.patch to change vendor - Temporarily disable some tests until expired PayPalEE.cert is renewed 3.28.4-3 - Fix zero-length record treatment for stream ciphers and SSLv2 3.28.4-2 - Include CKBI 2.14 and updated CA constraints from NSS 3.28.5...