- Update to 3.11.5

- This update fixes two security vulnerabilities with SSL 2
- Do not use -rpath link option
- Added several unsupported tools to tools package
This commit is contained in:
Kai Engert 2007-02-24 08:43:08 +00:00
parent 191c28e50c
commit 7f17142907
5 changed files with 52 additions and 5 deletions

View File

@ -1 +1 @@
nss-3.11.4.tar.gz nss-3.11.5.tar.gz

View File

@ -4,6 +4,7 @@ set -e
mv ${FREEBLDIR}/ecl/ecl-exp.h ${FREEBLDIR}/save mv ${FREEBLDIR}/ecl/ecl-exp.h ${FREEBLDIR}/save
rm -rf ${FREEBLDIR}/ecl/tests rm -rf ${FREEBLDIR}/ecl/tests
rm -rf ${FREEBLDIR}/ecl/CVS
for i in ${FREEBLDIR}/ecl/* ; do for i in ${FREEBLDIR}/ecl/* ; do
echo clobbering $i echo clobbering $i
> $i > $i

14
nss-no-rpath.patch Normal file
View File

@ -0,0 +1,14 @@
--- ./mozilla/security/nss/cmd/platlibs.mk.withrpath 2007-02-19 07:17:06.000000000 +0100
+++ ./mozilla/security/nss/cmd/platlibs.mk 2007-02-19 07:18:07.000000000 +0100
@@ -52,9 +52,9 @@
ifeq ($(OS_ARCH), Linux)
ifeq ($(USE_64), 1)
-EXTRA_SHARED_LIBS += -Wl,-rpath,'$$ORIGIN/../lib64:$$ORIGIN/../lib'
+#EXTRA_SHARED_LIBS += -Wl,-rpath,'$$ORIGIN/../lib64:$$ORIGIN/../lib'
else
-EXTRA_SHARED_LIBS += -Wl,-rpath,'$$ORIGIN/../lib'
+#EXTRA_SHARED_LIBS += -Wl,-rpath,'$$ORIGIN/../lib'
endif
endif

View File

@ -1,9 +1,10 @@
%define nspr_version 4.6.2 %define nspr_version 4.6.2
%define unsupported_tools_directory %{_libdir}/nss/unsupported-tools
Summary: Network Security Services Summary: Network Security Services
Name: nss Name: nss
Version: 3.11.4 Version: 3.11.5
Release: 5%{?dist} Release: 1%{?dist}
License: MPL/GPL/LGPL License: MPL/GPL/LGPL
URL: http://www.mozilla.org/projects/security/pki/nss/ URL: http://www.mozilla.org/projects/security/pki/nss/
Group: System Environment/Libraries Group: System Environment/Libraries
@ -23,6 +24,8 @@ Source4: blank-key3.db
Source5: blank-secmod.db Source5: blank-secmod.db
Source6: nss-clobber.sh Source6: nss-clobber.sh
Patch1: nss-no-rpath.patch
%description %description
Network Security Services (NSS) is a set of libraries designed to Network Security Services (NSS) is a set of libraries designed to
support cross-platform development of security-enabled client and support cross-platform development of security-enabled client and
@ -72,6 +75,7 @@ low level services.
%prep %prep
%setup -q %setup -q
sh %{SOURCE6} > /dev/null sh %{SOURCE6} > /dev/null
%patch1 -p0
%build %build
@ -148,6 +152,7 @@ chmod 755 $RPM_BUILD_ROOT/%{_bindir}/nss-config
%{__mkdir_p} $RPM_BUILD_ROOT/%{_includedir}/nss3 %{__mkdir_p} $RPM_BUILD_ROOT/%{_includedir}/nss3
%{__mkdir_p} $RPM_BUILD_ROOT/%{_bindir} %{__mkdir_p} $RPM_BUILD_ROOT/%{_bindir}
%{__mkdir_p} $RPM_BUILD_ROOT/%{_libdir} %{__mkdir_p} $RPM_BUILD_ROOT/%{_libdir}
%{__mkdir_p} $RPM_BUILD_ROOT/%{unsupported_tools_directory}
# Copy the binary libraries we want # Copy the binary libraries we want
for file in libnss3.so libssl3.so libsmime3.so libsoftokn3.so libnssckbi.so libfreebl3.so for file in libnss3.so libssl3.so libsmime3.so libsoftokn3.so libnssckbi.so libfreebl3.so
@ -174,11 +179,17 @@ do
done done
# Copy the binaries we want # Copy the binaries we want
for file in certutil modutil pk12util signtool ssltap for file in certutil cmsutil crlutil modutil pk12util signtool signver ssltap
do do
%{__install} -m 755 mozilla/dist/*.OBJ/bin/$file $RPM_BUILD_ROOT/%{_bindir} %{__install} -m 755 mozilla/dist/*.OBJ/bin/$file $RPM_BUILD_ROOT/%{_bindir}
done done
# Copy the binaries we ship as unsupported
for file in atob btoa derdump ocspclnt pp selfserv shlibsign strsclnt symkeyutil tstclnt vfyserv vfychain
do
%{__install} -m 755 mozilla/dist/*.OBJ/bin/$file $RPM_BUILD_ROOT/%{unsupported_tools_directory}
done
# Copy the include files # Copy the include files
for file in mozilla/dist/public/nss/*.h for file in mozilla/dist/public/nss/*.h
do do
@ -216,10 +227,25 @@ done
%files tools %files tools
%defattr(-,root,root) %defattr(-,root,root)
%{_bindir}/certutil %{_bindir}/certutil
%{_bindir}/cmsutil
%{_bindir}/crlutil
%{_bindir}/modutil %{_bindir}/modutil
%{_bindir}/pk12util %{_bindir}/pk12util
%{_bindir}/signtool %{_bindir}/signtool
%{_bindir}/signver
%{_bindir}/ssltap %{_bindir}/ssltap
%{unsupported_tools_directory}/atob
%{unsupported_tools_directory}/btoa
%{unsupported_tools_directory}/derdump
%{unsupported_tools_directory}/ocspclnt
%{unsupported_tools_directory}/pp
%{unsupported_tools_directory}/selfserv
%{unsupported_tools_directory}/shlibsign
%{unsupported_tools_directory}/strsclnt
%{unsupported_tools_directory}/symkeyutil
%{unsupported_tools_directory}/tstclnt
%{unsupported_tools_directory}/vfyserv
%{unsupported_tools_directory}/vfychain
%files devel %files devel
@ -327,6 +353,12 @@ done
%changelog %changelog
* Sat Feb 24 2007 Kai Engert <kengert@redhat.com> - 3.11.5-1
- Update to 3.11.5
- This update fixes two security vulnerabilities with SSL 2
- Do not use -rpath link option
- Added several unsupported tools to tools package
* Tue Jan 9 2007 Bob Relyea <rrelyea@redhat.com> - 3.11.4-4 * Tue Jan 9 2007 Bob Relyea <rrelyea@redhat.com> - 3.11.4-4
- disable ECC, cleanout dead code - disable ECC, cleanout dead code

View File

@ -1 +1 @@
74af8ebdf94307f47ff8931adbef9c39 nss-3.11.4.tar.gz 1add44e6a41dbf5091cfd000f19ad6b9 nss-3.11.5.tar.gz