- cherry-pick from master to keep the nss-cbc-random-iv-off-by-by-default patch enabled
- sync up pem rsawrapr.c with softoken upstream changes for nss-3.14.3
- Resolves: rhbz#908257 - CVE-2013-1620 nss: TLS CBC padding timing attack
- Resolves: rhbz#909775 - specfile support for AArch64
- Resolves: rhbz#910584 - certutil -a does not produce ASCII output
- Resolves: rhbz#896651 - PEM module trashes private keys if login fails,
patch contributed by Nalin Dahyabhai
- Resolves: rhbz#896651 - PEM module trashes private keys if login fails
- Resolves: rhbz#909775 - specfile support for AArch64
- Resolves: rhbz#910584 - certutil -a does not produce ASCII output, upstream fix
- sync up pem rsawrapr.c with softoken upstream changes for nss-3.14.3
- these changes are in experimental RSA OAEP code currently in a state of flux
- and required for the PEM module to compile with the nss 3.4.3 update
- Update the minimum requred versiobs of nspr, nss-util, and nss-softokn
- Remove patch obsoleted by the update and update others
- Restore missing second half of the cbc random iv by default patch
- Restore the freebl tests patch until we build without nsssoftoken
- added a patch to not compile the softoken/freebl tests
- needed due to upstream changes to coreconf
- to be addjusted or removed if patch to enabled building nss without softoken is accepted upstream
- Remove the second hunk so it applies, patch compliens it a previously appled change
- Must investigate why the second part seems to be applied already
- Remove a pprtion that is actually applied already
- Current one gives the desired results but must invertigate further why the sencnd hunk is already applied.
- Update to NSS_3_14_RTM
- Update the license to MPLv2.0
- Bug 870864 - Add support in NSS for Secure Boot
- Bug 871882 - Update the spec file to install sechash.h and also secmodt.h
- Bug 806588 - Disable SSL PKCS #11 bypass at build time and return failure on attempts to enable it at runtime
- Bug 872124 - nss-3.14 breaks fedpkg new-sources - fix pk11wrap locking to prevent 'fedpkg new-sources' and 'fedpkg update' hangs
- Add a dummy source file for testing /preventing fedpkg breakage
- Enable patch to set NSS_SSL_CBC_RANDOM_IV to 1 by default
- Use only -f when removing unwanted headers
- Update nss-589636.patch to apply to httpdserv
- turn off ocsp tests for now
- update various patches on account of upstream source updates
- remove no longer needed patches
- Revert back to using szOID_KP_CTL_USAGE_SIGNING instead of SEC_OID_KP_CTL_USAGE_SIGNING
- This is our temporary local private name and what makes this code work even after we rebase
- and pick up the upstream changes. Of course, this patch will be removed when that happens.
- Bug 872124 - nss-3.14 breaks fedpkg new-sources
- Preliminary fix as patch could change as a result of upstream review
- Renamed the patch file to refer to the correct bug number
- Renamed: Bug-872838-fix-pk11wrap-locking.patch -> Bug-872124-fix-pk11wrap-locking.patch
- Fixed the reference in spec file
Please enter the commit message for your changes. Lines starting
- Update the SS_SSL_CBC_RANDOM_IV patch to match new sources while
- Keeping the patch disabled while we are still in rawhide and
- State in comment that patch is needed for both stable and beta branches
- Update .gitignore to download only the new sources