Compare commits

...

No commits in common. "c8-stream-10.6" and "c9" have entirely different histories.

3 changed files with 268 additions and 181 deletions

2
.gitignore vendored
View File

@ -1 +1 @@
SOURCES/jss-4.11.0.tar.gz SOURCES/jss-5.5.0.tar.gz

View File

@ -1 +1 @@
a068537cd958000dcd3b34847533101f95fc792b SOURCES/jss-4.11.0.tar.gz 6676c7d420ad45f610e9f5ba7513e77186ddb5be SOURCES/jss-5.5.0.tar.gz

View File

@ -5,20 +5,29 @@ Name: jss
%global product_id idm-jss %global product_id idm-jss
# Upstream version number: # Upstream version number:
%global major_version 4 %global major_version 5
%global minor_version 11 %global minor_version 5
%global update_version 0 %global update_version 0
# Downstream release number:
# - development/stabilization (unsupported): 0.<n> where n >= 1
# - GA/update (supported): <n> where n >= 1
%global release_number 1
# Development phase:
# - development (unsupported): alpha<n> where n >= 1
# - stabilization (unsupported): beta<n> where n >= 1
# - GA/update (supported): <none>
#global phase
%undefine timestamp
%undefine commit_id
Summary: Java Security Services (JSS) Summary: Java Security Services (JSS)
URL: https://github.com/dogtagpki/jss URL: https://github.com/dogtagpki/jss
License: MPLv1.1 or GPLv2+ or LGPLv2+ License: (MPL-1.1 or GPL-2.0-or-later or LGPL-2.1-or-later) and Apache-2.0
# For development (i.e. unsupported) releases, use x.y.z-0.n.<phase>.
# For official (i.e. supported) releases, use x.y.z-r where r >=1.
%global release_number 1
Version: %{major_version}.%{minor_version}.%{update_version} Version: %{major_version}.%{minor_version}.%{update_version}
Release: %{release_number}%{?_timestamp}%{?_commit_id}%{?dist} Release: %{release_number}%{?phase:.}%{?phase}%{?timestamp:.}%{?timestamp}%{?commit_id:.}%{?commit_id}%{?dist}
#global _phase -alpha1
# To generate the source tarball: # To generate the source tarball:
# $ git clone https://github.com/dogtagpki/jss.git # $ git clone https://github.com/dogtagpki/jss.git
@ -27,11 +36,7 @@ Release: %{release_number}%{?_timestamp}%{?_commit_id}%{?dist}
# $ git push origin v4.5.<z> # $ git push origin v4.5.<z>
# Then go to https://github.com/dogtagpki/jss/releases and download the source # Then go to https://github.com/dogtagpki/jss/releases and download the source
# tarball. # tarball.
Source: https://github.com/dogtagpki/jss/archive/v%{version}%{?_phase}/jss-%{version}%{?_phase}.tar.gz Source: https://github.com/dogtagpki/jss/archive/v%{version}%{?phase:-}%{?phase}/jss-%{version}%{?phase:-}%{?phase}.tar.gz
# md2man not available on i686
ExcludeArch: i686
# To create a patch for all changes since a version tag: # To create a patch for all changes since a version tag:
# $ git format-patch \ # $ git format-patch \
@ -40,28 +45,33 @@ ExcludeArch: i686
# > jss-VERSION-RELEASE.patch # > jss-VERSION-RELEASE.patch
# Patch: jss-VERSION-RELEASE.patch # Patch: jss-VERSION-RELEASE.patch
%if 0%{?java_arches:1}
ExclusiveArch: %{java_arches}
%else
ExcludeArch: i686
%endif
################################################################################ ################################################################################
# Java # Java
################################################################################ ################################################################################
%if 0%{?fedora} && 0%{?fedora} <= 32 || 0%{?rhel} && 0%{?rhel} <= 8 %define java_devel java-17-openjdk-devel
%define java_devel java-1.8.0-openjdk-devel %define java_headless java-17-openjdk-headless
%define java_headless java-1.8.0-openjdk-headless %define java_home %{_jvmdir}/jre-17-openjdk
%define java_home /usr/lib/jvm/jre-1.8.0-openjdk
%else
%define java_devel java-11-openjdk-devel
%define java_headless java-11-openjdk-headless
%define java_home /usr/lib/jvm/jre-11-openjdk
%endif
################################################################################ ################################################################################
# Build Options # Build Options
################################################################################ ################################################################################
# By default the build will execute unit tests unless --without tests # By default the javadoc package will be built unless --without javadoc
# option is specified. # option is specified.
%bcond_without tests %bcond_without javadoc
# By default the build will not execute unit tests unless --with tests
# option is specified.
%bcond_with tests
################################################################################ ################################################################################
# Build Dependencies # Build Dependencies
@ -73,16 +83,15 @@ BuildRequires: zip
BuildRequires: unzip BuildRequires: unzip
BuildRequires: gcc-c++ BuildRequires: gcc-c++
BuildRequires: nss-devel >= 3.44 BuildRequires: nss-devel >= 3.66
BuildRequires: nss-tools >= 3.44 BuildRequires: nss-tools >= 3.66
BuildRequires: %{java_devel}
BuildRequires: jpackage-utils
BuildRequires: slf4j
BuildRequires: glassfish-jaxb-api
BuildRequires: slf4j-jdk14
BuildRequires: apache-commons-lang3
BuildRequires: junit BuildRequires: %{java_devel}
BuildRequires: maven-local
BuildRequires: mvn(org.apache.commons:commons-lang3)
BuildRequires: mvn(org.slf4j:slf4j-api)
BuildRequires: mvn(org.slf4j:slf4j-jdk14)
BuildRequires: mvn(junit:junit)
%description %description
Java Security Services (JSS) is a java native interface which provides a bridge Java Security Services (JSS) is a java native interface which provides a bridge
@ -95,13 +104,12 @@ This only works with gcj. Other JREs require that JCE providers be signed.
Summary: Java Security Services (JSS) Summary: Java Security Services (JSS)
Requires: nss >= 3.44 Requires: nss >= 3.66
Requires: %{java_headless} Requires: %{java_headless}
Requires: jpackage-utils Requires: mvn(org.apache.commons:commons-lang3)
Requires: slf4j Requires: mvn(org.slf4j:slf4j-api)
Requires: glassfish-jaxb-api Requires: mvn(org.slf4j:slf4j-jdk14)
Requires: slf4j-jdk14
Requires: apache-commons-lang3
Obsoletes: jss < %{version}-%{release} Obsoletes: jss < %{version}-%{release}
Provides: jss = %{version}-%{release} Provides: jss = %{version}-%{release}
@ -110,7 +118,6 @@ Provides: %{product_id} = %{major_version}.%{minor_version}
Conflicts: ldapjdk < 4.20 Conflicts: ldapjdk < 4.20
Conflicts: idm-console-framework < 1.2 Conflicts: idm-console-framework < 1.2
Conflicts: tomcatjss < 7.6.0
Conflicts: pki-base < 10.10.0 Conflicts: pki-base < 10.10.0
%description -n %{product_id} %description -n %{product_id}
@ -118,6 +125,42 @@ Java Security Services (JSS) is a java native interface which provides a bridge
for java-based applications to use native Network Security Services (NSS). for java-based applications to use native Network Security Services (NSS).
This only works with gcj. Other JREs require that JCE providers be signed. This only works with gcj. Other JREs require that JCE providers be signed.
################################################################################
%package -n %{product_id}-tomcat
################################################################################
Summary: Java Security Services (JSS) Connector for Tomcat
# Tomcat
BuildRequires: mvn(org.apache.tomcat:tomcat-catalina) >= 9.0.62
BuildRequires: mvn(org.apache.tomcat:tomcat-coyote) >= 9.0.62
BuildRequires: mvn(org.apache.tomcat:tomcat-juli) >= 9.0.62
Requires: %{product_id} = %{version}-%{release}
Requires: mvn(org.apache.tomcat:tomcat-catalina) >= 9.0.62
Requires: mvn(org.apache.tomcat:tomcat-coyote) >= 9.0.62
Requires: mvn(org.apache.tomcat:tomcat-juli) >= 9.0.62
# Tomcat JSS has been replaced with JSS Connector for Tomcat.
# This will remove installed Tomcat JSS packages.
Obsoletes: tomcatjss <= 8.5
Conflicts: tomcatjss <= 8.5
Obsoletes: idm-tomcatjss <= 8.5
Conflicts: idm-tomcatjss <= 8.5
%if 0%{?rhel} <= 8
# PKI Servlet Engine has been replaced with Tomcat.
# This will remove installed PKI Servlet Engine packages.
Obsoletes: pki-servlet-engine <= 9.0
Conflicts: pki-servlet-engine <= 9.0
%endif
%description -n %{product_id}-tomcat
JSS Connector for Tomcat is a Java Secure Socket Extension (JSSE)
module for Apache Tomcat that uses Java Security Services (JSS),
a Java interface to Network Security Services (NSS).
%if %{with javadoc}
################################################################################ ################################################################################
%package -n %{product_id}-javadoc %package -n %{product_id}-javadoc
################################################################################ ################################################################################
@ -131,19 +174,58 @@ Provides: %{product_id}-javadoc = %{major_version}.%{minor_version}
%description -n %{product_id}-javadoc %description -n %{product_id}-javadoc
This package contains the API documentation for JSS. This package contains the API documentation for JSS.
%endif
%if %{with tests}
################################################################################
%package -n %{product_id}-tests
################################################################################
Summary: Java Security Services (JSS) Tests
BuildRequires: mvn(org.junit.jupiter:junit-jupiter)
BuildRequires: mvn(org.opentest4j:opentest4j)
%description -n %{product_id}-tests
This package provides test suite for JSS.
# with tests
%endif
################################################################################ ################################################################################
%prep %prep
################################################################################ ################################################################################
%autosetup -n jss-%{version}%{?_phase} -p 1 %autosetup -n jss-%{version}%{?phase:-}%{?phase} -p 1
# disable native modules since they will be built by CMake
%pom_disable_module native
%pom_disable_module symkey
# do not ship examples
%pom_disable_module examples
# flatten-maven-plugin is not available in RPM
%pom_remove_plugin org.codehaus.mojo:flatten-maven-plugin
# specify Maven artifact locations
%mvn_file org.dogtagpki.jss:jss-tomcat jss/jss-tomcat
%mvn_file org.dogtagpki.jss:jss-tomcat-9.0 jss/jss-tomcat-9.0
# specify Maven artifact packages
%mvn_package org.dogtagpki.jss:jss-tomcat jss-tomcat
%mvn_package org.dogtagpki.jss:jss-tomcat-9.0 jss-tomcat
################################################################################ ################################################################################
%build %build
################################################################################ ################################################################################
# Set build flags for CMake
# (see /usr/lib/rpm/macros.d/macros.cmake)
%set_build_flags %set_build_flags
export JAVA_HOME=%{java_home}
# Enable compiler optimizations # Enable compiler optimizations
export BUILD_OPT=1 export BUILD_OPT=1
@ -154,182 +236,187 @@ export CFLAGS
# Check if we're in FIPS mode # Check if we're in FIPS mode
modutil -dbdir /etc/pki/nssdb -chkfips true | grep -q enabled && export FIPS_ENABLED=1 modutil -dbdir /etc/pki/nssdb -chkfips true | grep -q enabled && export FIPS_ENABLED=1
# The Makefile is not thread-safe # build Java code, run Java tests, and build Javadoc with Maven
%cmake \ %mvn_build %{!?with_tests:-f} %{!?with_javadoc:-j}
-DVERSION=%{version} \
-DJAVA_HOME=%{java_home} \
-DJAVA_LIB_INSTALL_DIR=%{_jnidir} \
-DJSS_LIB_INSTALL_DIR=%{_libdir}/jss \
-B %{_vpath_builddir}
cd %{_vpath_builddir}
%{__make} \
VERBOSE=%{?_verbose} \
CMAKE_NO_VERBOSE=1 \
--no-print-directory \
all
%{__make} \
VERBOSE=%{?_verbose} \
CMAKE_NO_VERBOSE=1 \
--no-print-directory \
javadoc
# create links to Maven-built classes for CMake
mkdir -p %{_vpath_builddir}/classes/jss
ln -sf ../../../base/target/classes/org %{_vpath_builddir}/classes/jss
%if %{with tests} %if %{with tests}
ctest --output-on-failure mkdir -p %{_vpath_builddir}/classes/tests
ln -sf ../../../base/target/test-classes/org %{_vpath_builddir}/classes/tests
%endif %endif
# create links to Maven-built JAR files for CMake
ln -sf ../base/target/jss.jar %{_vpath_builddir}
%if %{with tests}
ln -sf ../base/target/jss-tests.jar %{_vpath_builddir}
%endif
# create links to Maven-built headers for CMake
mkdir -p %{_vpath_builddir}/include/jss
ln -sf ../../../base/target/include/_jni %{_vpath_builddir}/include/jss/_jni
# mark Maven-built targets so that CMake will not rebuild them
mkdir -p %{_vpath_builddir}/.targets
touch %{_vpath_builddir}/.targets/finished_generate_java
%if %{with tests}
touch %{_vpath_builddir}/.targets/finished_tests_generate_java
%endif
%if %{with javadoc}
touch %{_vpath_builddir}/.targets/finished_generate_javadocs
%endif
# build native code and run native tests with CMake
./build.sh \
%{?_verbose:-v} \
--work-dir=%{_vpath_builddir} \
--prefix-dir=%{_prefix} \
--include-dir=%{_includedir} \
--lib-dir=%{_libdir} \
--sysconf-dir=%{_sysconfdir} \
--share-dir=%{_datadir} \
--cmake=%{__cmake} \
--java-home=%{java_home} \
--jni-dir=%{_jnidir} \
--version=%{version} \
--without-java \
--without-javadoc \
%{!?with_tests:--without-tests} \
dist
################################################################################ ################################################################################
%install %install
################################################################################ ################################################################################
cd %{_vpath_builddir} # install Java binaries and Javadoc
%mvn_install
%{__make} \ # install jss.jar
VERBOSE=%{?_verbose} \ mkdir -p %{buildroot}%{_javadir}/jss
CMAKE_NO_VERBOSE=1 \ cp base/target/jss.jar %{buildroot}%{_javadir}/jss/jss.jar
DESTDIR=%{buildroot} \
INSTALL="install -p" \ # create links for backward compatibility
--no-print-directory \ mkdir -p %{buildroot}%{_jnidir}
ln -sf ../../..%{_javadir}/jss/jss.jar %{buildroot}%{_jnidir}/jss.jar
mkdir -p %{buildroot}%{_libdir}/jss
ln -sf ../../..%{_javadir}/jss/jss.jar %{buildroot}%{_libdir}/jss/jss.jar
# install native binaries
./build.sh \
%{?_verbose:-v} \
--work-dir=%{_vpath_builddir} \
--install-dir=%{buildroot} \
--without-java \
install install
# install tests binaries
%if %{with tests}
mkdir -p %{buildroot}%{_datadir}/jss/tests/lib
cp base/target/jss-tests.jar %{buildroot}%{_datadir}/jss/tests/lib
%endif
################################################################################ ################################################################################
%files -n %{product_id} %files -n %{product_id} -f .mfiles
################################################################################ ################################################################################
%defattr(-,root,root,-)
%doc jss.html %doc jss.html
%license MPL-1.1.txt gpl.txt lgpl.txt %license MPL-1.1.txt gpl.txt lgpl.txt symkey/LICENSE
%{_libdir}/* %{_javadir}/jss/jss.jar
%{_jnidir}/* %{_jnidir}/jss.jar
%{_libdir}/jss/jss.jar
%{_libdir}/jss/libjss.so
%{_libdir}/jss/libjss-symkey.so
################################################################################ ################################################################################
%files -n %{product_id}-javadoc %files -n %{product_id}-tomcat -f .mfiles-jss-tomcat
################################################################################ ################################################################################
%defattr(-,root,root,-) %if %{with javadoc}
%{_javadocdir}/jss-%{version}/ ################################################################################
%files -n %{product_id}-javadoc -f .mfiles-javadoc
################################################################################
%endif
%if %{with tests}
################################################################################
%files -n %{product_id}-tests
################################################################################
%{_datadir}/jss/tests/
# with tests
%endif
################################################################################ ################################################################################
%changelog %changelog
* Thu Feb 08 2024 Red Hat PKI Team <rhcs-maint@redhat.com> 4.11.0-1 * Wed Feb 21 2024 Red Hat PKI Team <rhcs-maint@redhat.com> - 5.5.0-1
- Rebase to JSS 4.11.0 - Rebase to JSS 5.5.0
* Tue Jan 16 2024 Red Hat PKI Team <rhcs-maint@redhat.com> 4.10.0-0.1 * Thu Feb 01 2024 Red Hat PKI Team <rhcs-maint@redhat.com> - 5.5.0-0.4
- Rebase to JSS 4.10.0-alpha1 - Rebuild with side tag
* Fri Jan 12 2024 Red Hat PKI Team <rhcs-maint@redhat.com> 4.9.8-1 * Mon Jan 29 2024 Red Hat PKI Team <rhcs-maint@redhat.com> - 5.5.0-0.3
- Rebase to JSS 4.9.8 - Add Obsoletes/Conflicts for idm-tomcatjss
* Wed Jun 01 2022 Red Hat PKI Team <rhcs-maint@redhat.com> 4.9.4-1 * Mon Dec 11 2023 Red Hat PKI Team <rhcs-maint@redhat.com> - 5.5.0-0.2
- Rebase to JSS 4.9.4 - Rebuild with side tag
- Bug 2013674 - JSS cannot be properly initialized after using another NSS-backed security provider
* Tue Feb 15 2022 Red Hat PKI Team <rhcs-maint@redhat.com> 4.9.3-1 * Wed Dec 06 2023 Red Hat PKI Team <rhcs-maint@redhat.com> - 5.5.0-0.1
- Rebase to JSS 4.9.3 - Rebase to JSS 5.5.0-alpha3
- Bug 2046022 - CVE-2021-4213 pki-core:10.6/jss: memory leak in TLS connection leads to OOM [rhel-8]
* Mon Nov 15 2021 Red Hat PKI Team <rhcs-maint@redhat.com> 4.9.2-1 * Thu Feb 09 2023 Red Hat PKI Team <rhcs-maint@redhat.com> - 5.3.0-1
- Rebase to JSS 4.9.2 - Rebase to JSS 5.3.0
* Tue Sep 21 2021 Red Hat PKI Team <rhcs-maint@redhat.com> 4.9.1-1 * Thu Jan 05 2023 Red Hat PKI Team <rhcs-maint@redhat.com> - 5.3.0-0.3.beta2
- Rebase to JSS 4.9.1 - Rebase to JSS 5.3.0-beta2
- Bug 2017098 - pki pkcs12-cert-add command failing with 'Unable to validate PKCS #12 file: Digests do not match' exception
* Mon Jul 26 2021 Red Hat PKI Team <rhcs-maint@redhat.com> 4.9.0-1 * Wed Nov 30 2022 Red Hat PKI Team <rhcs-maint@redhat.com> - 5.3.0-0.2.beta1
- Rebase to JSS 4.9.0 - Rebase to JSS 5.3.0-beta1
* Fri Jun 11 2021 Red Hat PKI Team <rhcs-maint@redhat.com> 4.9.0-0.2 * Fri Sep 02 2022 Red Hat PKI Team <rhcs-maint@redhat.com> - 5.2.1-1
- Rebase to JSS 4.9.0-alpha2 - Rebase to JSS 5.2.1
- Bug 2100807 - pki-tomcat/kra unable to decrypt when using RSA-OAEP padding in RHEL9 with FIPS enabled
* Wed Jun 02 2021 Red Hat PKI Team <rhcs-maint@redhat.com> 4.9.0-0.1 * Wed Jun 29 2022 Red Hat PKI Team <rhcs-maint@redhat.com> - 5.2.0-1
- Rebase to JSS 4.9.0-alpha1 - Rebase to JSS 5.2.0
* Thu Jan 14 2021 Red Hat PKI Team <rhcs-maint@redhat.com> 4.8.1-1 * Mon May 02 2022 Red Hat PKI Team <rhcs-maint@redhat.com> - 5.2.0-0.3.beta2
- Rebase to upstream JSS v4.8.1 - Rebase to JSS 5.2.0-beta2
- Red Hat Bugilla #1908541 - jss broke SCEP - missing PasswordChallenge class - Rename packages to idm-jss
- Red Hat Bugilla #1489256 - [RFE] jss should support RSA with OAEP padding
* Wed Nov 18 2020 Red Hat PKI Team <rhcs-maint@redhat.com> 4.8.0-2 * Wed Apr 13 2022 Red Hat PKI Team <rhcs-maint@redhat.com> - 5.2.0-0.2.beta1
- Only check PKCS11Constants on beta builds - Rebase to JSS 5.2.0-beta1
- Bump tomcatjss, pki-core conflicts due to lang3
* Wed Oct 28 2020 Red Hat PKI Team <rhcs-maint@redhat.com> 4.8.0-1 * Tue Feb 15 2022 Red Hat PKI Team <rhcs-maint@redhat.com> - 5.0.3-1
- Rebase to upstream JSS v4.8.0 - Rebase to JSS 5.0.3
- Bug 2046023 - CVE-2021-4213 jss: memory leak in TLS connection leads to OOM [rhel-9.0]
* Tue Oct 20 2020 Red Hat PKI Team <rhcs-maint@redhat.com> 4.8.0-0.1 * Wed Feb 02 2022 Red Hat PKI Team <rhcs-maint@redhat.com> - 5.0.2-1
- Rebase to upstream JSS v4.8.0-b1 - Rebase to JSS 5.0.2
- Bug 2029838 - SHA1withRSA being listed in signing certificates while approving certificate via Agent page in browser
* Fri Sep 11 2020 Red Hat PKI Team <rhcs-maint@redhat.com> 4.7.3-1 * Fri Nov 19 2021 Red Hat PKI Team <rhcs-maint@redhat.com> - 5.0.1-1
- Rebase to upstream stable release JSS v4.7.3 - Rebase to JSS 5.0.1
- Red Hat Bugzilla #1873235 - Fix SSL_ERROR_INAPPROPRIATE_FALLBACK_ALERT in pki ca-user-cert-add
* Thu Aug 06 2020 Red Hat PKI Team <rhcs-maint@redhat.com> 4.7.2-1 * Tue Oct 05 2021 Red Hat PKI Team <rhcs-maint@redhat.com> - 5.0.0-1
- Rebase to upstream stable release JSS v4.7.2 - Rebase to JSS 5.0.0
- Red Hat Bugzilla #1822246 - Fix SSLSocket NULL pointer deference after close
* Fri Jul 31 2020 Red Hat PKI Team <rhcs-maint@redhat.com> 4.7.1-1 * Thu Sep 16 2021 Red Hat PKI Team <rhcs-maint@redhat.com> - 5.0.0-0.5.beta1
- Rebase to upstream stable release JSS v4.7.1 - Rebase to JSS 5.0.0-beta1
* Thu Jul 09 2020 Red Hat PKI Team <rhcs-maint@redhat.com> 4.7.0-1 * Thu Sep 09 2021 Red Hat PKI Team <rhcs-maint@redhat.com> - 5.0.0-0.4.alpha1
- Rebase to upstream stable release JSS v4.7.0 - Drop BuildRequires and Requires on glassfish-jaxb-api
- Fixed TestSSLEngine Resolves #2002576
* Thu Jun 25 2020 Red Hat PKI Team <rhcs-maint@redhat.com> 4.7.0-0.4 * Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 5.0.0-0.3.alpha1
- Rebased to JSS 4.7.0-b4 - Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
Related: rhbz#1991688
* Mon Jun 22 2020 Red Hat PKI Team <rhcs-maint@redhat.com> 4.7.0-0.3 * Mon Aug 2 2021 Red Hat PKI Team <rhcs-maint@redhat.com> - 5.0.0-0.2
- Rebased to JSS 4.7.0-b3 - Drop javadoc package
* Tue May 26 2020 Red Hat PKI Team <rhcs-maint@redhat.com> 4.7.0-0.1 * Fri Jun 25 2021 Red Hat PKI Team <rhcs-maint@redhat.com> - 5.0.0-0.1
- Rebased to JSS 4.7.0-b1 - Rebase to JSS 5.0.0-alpha1
* Mon Mar 23 2020 Red Hat PKI Team <rhcs-maint@redhat.com> 4.6.2-4
- Red Hat Bugzilla #1807371 - KRA-HSM: Async and sync key recovery using kra agent web is failing
* Mon Mar 02 2020 Red Hat PKI Team <rhcs-maint@redhat.com> 4.6.2-3
- Red Hat Bugzilla #1807371 - KRA-HSM: Async and sync key recovery using kra agent web is failing
* Tue Oct 29 2019 Red Hat PKI Team <rhcs-maint@redhat.com> 4.6.2-2
- Red Hat Bugzilla #1730767 - JSS: Wrap NSS CMAC + KDF implementations
- Rebased to JSS 4.6.2
* Wed Sep 11 2019 Red Hat PKI Team <rhcs-maint@redhat.com> 4.6.0-5
- Red Hat Bugzilla #1747987 - CVE 2019-14823 jss: OCSP policy "Leaf and Chain" implicitly trusts the root certificate
* Wed Aug 14 2019 Red Hat PKI Team <rhcs-maint@redhat.com> 4.6.0-4
- Red Hat Bugzilla #1698059 - pki-core implements crypto
* Tue Jul 16 2019 Red Hat PKI Team <rhcs-maint@redhat.com> 4.6.0-3
- Red Hat Bugzilla #1721135 - JSS - LD_FLAGS support
* Wed Jun 12 2019 Red Hat PKI Team <rhcs-maint@redhat.com> 4.6.0-2
- Minor updates to release
* Wed Jun 12 2019 Red Hat PKI Team <rhcs-maint@redhat.com> 4.6.0-1
- Rebased to JSS 4.6.0
* Thu Apr 25 2019 Red Hat PKI Team <rhcs-maint@redhat.com> 4.5.3-1
- Rebased to JSS 4.5.3
* Fri Aug 10 2018 Red Hat PKI Team <rhcs-maint@redhat.com> 4.5.0-1
- Rebased to JSS 4.5.0
* Tue Aug 07 2018 Red Hat PKI Team <rhcs-maint@redhat.com> 4.5.0-0.6
- Rebased to JSS 4.5.0-b1
* Tue Aug 07 2018 Red Hat PKI Team <rhcs-maint@redhat.com> 4.5.0-0.5
- Red Hat Bugzilla #1612063 - Do not override system crypto policy (support TLS 1.3)
* Fri Jul 20 2018 Red Hat PKI Team <rhcs-maint@redhat.com> 4.5.0-0.4
- Rebased to JSS 4.5.0-a4
- Red Hat Bugzilla #1604462 - jss: FTBFS in Fedora rawhide
* Thu Jul 05 2018 Red Hat PKI Team <rhcs-maint@redhat.com> 4.5.0-0.3
- Rebased to JSS 4.5.0-a3
* Fri Jun 22 2018 Red Hat PKI Team <rhcs-maint@redhat.com> 4.5.0-0.2
- Rebased to JSS 4.5.0-a2
* Fri Jun 15 2018 Red Hat PKI Team <rhcs-maint@redhat.com> 4.5.0-0.1
- Rebased to JSS 4.5.0-a1