Update to NSS_3_14_3_RTM
- cherry-pick from master to keep the nss-cbc-random-iv-off-by-by-default patch enabled - sync up pem rsawrapr.c with softoken upstream changes for nss-3.14.3 - Resolves: rhbz#908257 - CVE-2013-1620 nss: TLS CBC padding timing attack - Resolves: rhbz#909775 - specfile support for AArch64 - Resolves: rhbz#910584 - certutil -a does not produce ASCII output - Resolves: rhbz#896651 - PEM module trashes private keys if login fails, patch contributed by Nalin Dahyabhai
This commit is contained in:
parent
966b5e412f
commit
a7508f6a97
27
nss.spec
27
nss.spec
@ -1,7 +1,7 @@
|
|||||||
%global nspr_version 4.9.5
|
%global nspr_version 4.9.5
|
||||||
%global nss_util_version 3.14.2
|
%global nss_util_version 3.14.3
|
||||||
%global nss_softokn_fips_version 3.12.9
|
%global nss_softokn_fips_version 3.12.9
|
||||||
%global nss_softokn_version 3.14.2
|
%global nss_softokn_version 3.14.3
|
||||||
%global unsupported_tools_directory %{_libdir}/nss/unsupported-tools
|
%global unsupported_tools_directory %{_libdir}/nss/unsupported-tools
|
||||||
|
|
||||||
# Define if using a source archive like "nss-version.with.ckbi.version".
|
# Define if using a source archive like "nss-version.with.ckbi.version".
|
||||||
@ -10,8 +10,8 @@
|
|||||||
|
|
||||||
Summary: Network Security Services
|
Summary: Network Security Services
|
||||||
Name: nss
|
Name: nss
|
||||||
Version: 3.14.2
|
Version: 3.14.3
|
||||||
Release: 2%{?dist}
|
Release: 1%{?dist}
|
||||||
License: MPLv2.0
|
License: MPLv2.0
|
||||||
URL: http://www.mozilla.org/projects/security/pki/nss/
|
URL: http://www.mozilla.org/projects/security/pki/nss/
|
||||||
Group: System Environment/Libraries
|
Group: System Environment/Libraries
|
||||||
@ -78,7 +78,8 @@ Patch39: nss-ssl-enforce-no-pkcs11-bypass.path
|
|||||||
Patch40: nss-3.14.0.0-disble-ocsp-test.patch
|
Patch40: nss-3.14.0.0-disble-ocsp-test.patch
|
||||||
# Upstream: https://bugzilla.mozilla.org/show_bug.cgi?id=835919
|
# Upstream: https://bugzilla.mozilla.org/show_bug.cgi?id=835919
|
||||||
Patch43: no-softoken-freebl-tests.patch
|
Patch43: no-softoken-freebl-tests.patch
|
||||||
Patch44: allow-building-nss-against-older-sqlite.patch
|
Patch44: 0001-sync-up-with-upstream-softokn-changes.patch
|
||||||
|
Patch45: Bug-896651-pem-dont-trash-keys-on-failed-login.patch
|
||||||
|
|
||||||
%description
|
%description
|
||||||
Network Security Services (NSS) is a set of libraries designed to
|
Network Security Services (NSS) is a set of libraries designed to
|
||||||
@ -163,8 +164,8 @@ low level services.
|
|||||||
%patch39 -p1 -b .nobypass
|
%patch39 -p1 -b .nobypass
|
||||||
%patch40 -p1 -b .noocsptest
|
%patch40 -p1 -b .noocsptest
|
||||||
%patch43 -p0 -b .nosoftokentests
|
%patch43 -p0 -b .nosoftokentests
|
||||||
# Upstream: https://bugzilla.mozilla.org/show_bug.cgi?id=837799
|
%patch44 -p1 -b .syncupwithupstream
|
||||||
%patch44 -p0 -b .oldersqlite
|
%patch45 -p0 -b .notrash
|
||||||
|
|
||||||
%build
|
%build
|
||||||
|
|
||||||
@ -205,7 +206,7 @@ export USE_SYSTEM_FREEBL=1
|
|||||||
NSS_USE_SYSTEM_SQLITE=1
|
NSS_USE_SYSTEM_SQLITE=1
|
||||||
export NSS_USE_SYSTEM_SQLITE
|
export NSS_USE_SYSTEM_SQLITE
|
||||||
|
|
||||||
%ifarch x86_64 ppc64 ia64 s390x sparc64
|
%ifarch x86_64 ppc64 ia64 s390x sparc64 aarch64
|
||||||
USE_64=1
|
USE_64=1
|
||||||
export USE_64
|
export USE_64
|
||||||
%endif
|
%endif
|
||||||
@ -300,7 +301,7 @@ export FREEBL_NO_DEPEND
|
|||||||
BUILD_OPT=1
|
BUILD_OPT=1
|
||||||
export BUILD_OPT
|
export BUILD_OPT
|
||||||
|
|
||||||
%ifarch x86_64 ppc64 ia64 s390x sparc64
|
%ifarch x86_64 ppc64 ia64 s390x sparc64 aarch64
|
||||||
USE_64=1
|
USE_64=1
|
||||||
export USE_64
|
export USE_64
|
||||||
%endif
|
%endif
|
||||||
@ -610,6 +611,14 @@ rm -f $RPM_BUILD_ROOT/%{_includedir}/nss3/nsslowhash.h
|
|||||||
|
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Fri Feb 15 2013 Elio Maldonado <emaldona@redhat.com> - 3.14.3-1
|
||||||
|
- Update to NSS_3_14_3_RTM
|
||||||
|
- sync up pem rsawrapr.c with softoken upstream changes for nss-3.14.3
|
||||||
|
- Resolves: rhbz#908257 - CVE-2013-1620 nss: TLS CBC padding timing attack
|
||||||
|
- Resolves: rhbz#896651 - PEM module trashes private keys if login fails
|
||||||
|
- Resolves: rhbz#909775 - specfile support for AArch64
|
||||||
|
- Resolves: rhbz#910584 - certutil -a does not produce ASCII output
|
||||||
|
|
||||||
* Mon Feb 04 2013 Elio Maldonado <emaldona@redhat.com> - 3.14.2-2
|
* Mon Feb 04 2013 Elio Maldonado <emaldona@redhat.com> - 3.14.2-2
|
||||||
- Allow building nss against older system sqlite
|
- Allow building nss against older system sqlite
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user