Related: rhbz#1972928

- fix relro support in nspr part of build
2021-07-08 15:14:08 -07:00 · 2021-07-08 15:14:08 -07:00 · 449fc4a03c
commit 449fc4a03c
parent 5a8798b5da
1 changed files with 11 additions and 4 deletions
--- a/nss.spec
+++ b/nss.spec
@ -2,7 +2,10 @@
 # NOTE: To avoid NVR clashes of nspr* packages:
 # - reset %%{nspr_release} to 1, when updating %%{nspr_version}
 # - increment %%{nspr_version}, when updating the NSS part only
-%global nspr_release 4
+# - put the nss_release number here next to nspr, as they both
+#   need to be updated on a given release
+%global nspr_release 5
+%global nss_release 8
 %global nss_version 3.67.0
 # only need to update this as we added new
 # algorithms under nss policy control
@ -56,7 +59,7 @@ rpm.define(string.format("nss_release_tag NSS_%s_RTM",
 Summary:          Network Security Services
 Name:             nss
 Version:          %{nss_version}
-Release:          7%{?dist}
+Release:          %{nss_release}%{?dist}
 License:          MPLv2.0
 URL:              http://www.mozilla.org/projects/security/pki/nss/
 Requires:         nspr >= %{nspr_version}
@ -333,6 +336,8 @@ find nss/lib/libpkix -perm /u+x -type f -exec chmod -x {} \;
 # adjustment in the NSS build process.
 mkdir -p nspr_build
 pushd nspr_build
+export LDFLAGS="$RPM_LD_FLAGS"
+export CFLAGS="$RPM_OPT_FLAGS"
 ../nspr/configure \
                 --prefix=%{_prefix} \
                 --libdir=%{_libdir} \
@ -349,7 +354,6 @@ pushd nspr_build
                 --enable-optimize="$RPM_OPT_FLAGS" \
                 --disable-debug

-export LDFLAGS=$RPM_LD_FLAGS
 # The assembly files are only for legacy atomics, to which we prefer GCC atomics
 %ifarch i686 x86_64
 sed -i '/^PR_MD_ASFILES/d' config/autoconf.mk
@ -1072,6 +1076,9 @@ update-crypto-policies &> /dev/null || :


 %changelog
+* Thu Jul 8 2021 Bob Relyea <rrelyea@redhat.com> - 3.67.0-8
+- fix relro support in nspr part of build
+
 * Tue Jul 6 2021 Bob Relyea <rrelyea@redhat.com> - 3.67.0-7
 - fix ssl alert regressions

@ -1144,7 +1151,7 @@ update-crypto-policies &> /dev/null || :
 - Consolidate NSPR package with this package

 * Mon Oct 26 2020 Bob Relyea <rrelyea@redhat.com> - 3.58.0-4
- fix pkix ocsp to tolerate OCSP checking on intermediates 
+- fix pkix ocsp to tolerate OCSP checking on intermediates
  when the root is signed by sha1 and sha1 is disabled by
  policy