Update to NSS_3_14_3_RTM
- cherry-pick from master to keep the nss-cbc-random-iv-off-by-by-default patch enabled - sync up pem rsawrapr.c with softoken upstream changes for nss-3.14.3 - Resolves: rhbz#908257 - CVE-2013-1620 nss: TLS CBC padding timing attack - Resolves: rhbz#909775 - specfile support for AArch64 - Resolves: rhbz#910584 - certutil -a does not produce ASCII output - Resolves: rhbz#896651 - PEM module trashes private keys if login fails, patch contributed by Nalin Dahyabhai
This commit is contained in:
parent
966b5e412f
commit
a7508f6a97
27
nss.spec
27
nss.spec
@ -1,7 +1,7 @@
|
||||
%global nspr_version 4.9.5
|
||||
%global nss_util_version 3.14.2
|
||||
%global nss_util_version 3.14.3
|
||||
%global nss_softokn_fips_version 3.12.9
|
||||
%global nss_softokn_version 3.14.2
|
||||
%global nss_softokn_version 3.14.3
|
||||
%global unsupported_tools_directory %{_libdir}/nss/unsupported-tools
|
||||
|
||||
# Define if using a source archive like "nss-version.with.ckbi.version".
|
||||
@ -10,8 +10,8 @@
|
||||
|
||||
Summary: Network Security Services
|
||||
Name: nss
|
||||
Version: 3.14.2
|
||||
Release: 2%{?dist}
|
||||
Version: 3.14.3
|
||||
Release: 1%{?dist}
|
||||
License: MPLv2.0
|
||||
URL: http://www.mozilla.org/projects/security/pki/nss/
|
||||
Group: System Environment/Libraries
|
||||
@ -78,7 +78,8 @@ Patch39: nss-ssl-enforce-no-pkcs11-bypass.path
|
||||
Patch40: nss-3.14.0.0-disble-ocsp-test.patch
|
||||
# Upstream: https://bugzilla.mozilla.org/show_bug.cgi?id=835919
|
||||
Patch43: no-softoken-freebl-tests.patch
|
||||
Patch44: allow-building-nss-against-older-sqlite.patch
|
||||
Patch44: 0001-sync-up-with-upstream-softokn-changes.patch
|
||||
Patch45: Bug-896651-pem-dont-trash-keys-on-failed-login.patch
|
||||
|
||||
%description
|
||||
Network Security Services (NSS) is a set of libraries designed to
|
||||
@ -163,8 +164,8 @@ low level services.
|
||||
%patch39 -p1 -b .nobypass
|
||||
%patch40 -p1 -b .noocsptest
|
||||
%patch43 -p0 -b .nosoftokentests
|
||||
# Upstream: https://bugzilla.mozilla.org/show_bug.cgi?id=837799
|
||||
%patch44 -p0 -b .oldersqlite
|
||||
%patch44 -p1 -b .syncupwithupstream
|
||||
%patch45 -p0 -b .notrash
|
||||
|
||||
%build
|
||||
|
||||
@ -205,7 +206,7 @@ export USE_SYSTEM_FREEBL=1
|
||||
NSS_USE_SYSTEM_SQLITE=1
|
||||
export NSS_USE_SYSTEM_SQLITE
|
||||
|
||||
%ifarch x86_64 ppc64 ia64 s390x sparc64
|
||||
%ifarch x86_64 ppc64 ia64 s390x sparc64 aarch64
|
||||
USE_64=1
|
||||
export USE_64
|
||||
%endif
|
||||
@ -300,7 +301,7 @@ export FREEBL_NO_DEPEND
|
||||
BUILD_OPT=1
|
||||
export BUILD_OPT
|
||||
|
||||
%ifarch x86_64 ppc64 ia64 s390x sparc64
|
||||
%ifarch x86_64 ppc64 ia64 s390x sparc64 aarch64
|
||||
USE_64=1
|
||||
export USE_64
|
||||
%endif
|
||||
@ -610,6 +611,14 @@ rm -f $RPM_BUILD_ROOT/%{_includedir}/nss3/nsslowhash.h
|
||||
|
||||
|
||||
%changelog
|
||||
* Fri Feb 15 2013 Elio Maldonado <emaldona@redhat.com> - 3.14.3-1
|
||||
- Update to NSS_3_14_3_RTM
|
||||
- sync up pem rsawrapr.c with softoken upstream changes for nss-3.14.3
|
||||
- Resolves: rhbz#908257 - CVE-2013-1620 nss: TLS CBC padding timing attack
|
||||
- Resolves: rhbz#896651 - PEM module trashes private keys if login fails
|
||||
- Resolves: rhbz#909775 - specfile support for AArch64
|
||||
- Resolves: rhbz#910584 - certutil -a does not produce ASCII output
|
||||
|
||||
* Mon Feb 04 2013 Elio Maldonado <emaldona@redhat.com> - 3.14.2-2
|
||||
- Allow building nss against older system sqlite
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user