Fix LDFLAGS injection when creating DSO

add-relro-linker-option.patch

@@ -1,16 +0,0 @@
-diff -up nss/coreconf/Linux.mk.relro nss/coreconf/Linux.mk
---- nss/coreconf/Linux.mk.relro	2013-04-09 14:29:45.943228682 -0700
-+++ nss/coreconf/Linux.mk	2013-04-09 14:31:26.194953927 -0700
-@@ -174,6 +174,12 @@ endif
- endif
- endif
- 
-+# harden DSOs/executables a bit against exploits
-+ifeq (2.6,$(firstword $(sort 2.6 $(OS_RELEASE))))
-+DSO_LDOPTS+=-Wl,-z,relro
-+LDFLAGS	+= -Wl,-z,relro
-+endif
-+
- USE_SYSTEM_ZLIB = 1
- ZLIB_LIBS = -lz
- 

nss.spec

@@ -18,7 +18,7 @@ Name:             nss
 Version:          %{nss_version}
 # for Rawhide, please always use release >= 2
 # for Fedora release branches, please use release < 2 (1.0, 1.1, ...)
-Release:          2%{?dist}
+Release:          3%{?dist}
 License:          MPLv2.0
 URL:              http://www.mozilla.org/projects/security/pki/nss/
 Group:            System Environment/Libraries
@@ -62,7 +62,6 @@ Source26:         key4.db.xml
 Source27:         secmod.db.xml
 Source28:         nss-p11-kit.config
 
-Patch2:           add-relro-linker-option.patch
 Patch3:           renegotiate-transitional.patch
 # Upstream: https://bugzilla.mozilla.org/show_bug.cgi?id=617723
 Patch16:          nss-539183.patch
@@ -156,7 +155,6 @@ low level services.
 %prep
 %setup -q -n %{name}-%{nss_archive_version}
 
-%patch2 -p0 -b .relro
 %patch3 -p0 -b .transitional
 %patch16 -p0 -b .539183
 %patch47 -p0 -b .templates
@@ -216,6 +214,9 @@ export XCFLAGS
 LDFLAGS=$RPM_LD_FLAGS
 export LDFLAGS
 
+DSO_LDOPTS=$RPM_LD_FLAGS
+export DSO_LDOPTS
+
 PKG_CONFIG_ALLOW_SYSTEM_LIBS=1
 PKG_CONFIG_ALLOW_SYSTEM_CFLAGS=1
 
@@ -743,6 +744,9 @@ update-crypto-policies
 
 
 %changelog
+* Thu Sep 13 2018 Daiki Ueno <dueno@redhat.com> - 3.39.0-3
+- Fix LDFLAGS injection
+
 * Mon Sep  3 2018 Daiki Ueno <dueno@redhat.com> - 3.39.0-2
 - Update to NSS 3.39
 - Use the upstream tarball as it is (rhbz#1578106)