rpms/nss
7
0
Fork 0
Code Issues Pull Requests Releases Activity
755 Commits 7 Branches 58 Tags 3.6 MiB
2bd02ed0de
Commit Graph

646 Commits

Author SHA1 Message Date
Bob Relyea
a9f44e8e59 bug#2097663 
Fix crash when getting client cert and there is none in the database.
 2022-06-16 14:22:48 -07:00
Bob Relyea
e5848562c6 Rebase NSS to 3.79 
Rebase NSPR to 3.43
 2022-05-31 14:12:36 -07:00
Bob Relyea
8c57561b09 Update to nss 3.77 2022-04-04 16:22:35 -07:00
Bob Relyea
5b97003412 Resolves: rhbz#2046773 
Update to NSS 3.75
fix FTBFS issue
 2022-02-05 11:05:11 -08:00
Fedora Release Engineering
1ef41fe34b - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild 
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
 2022-01-20 21:26:50 +00:00
Bob Relyea
7939bc1609 Sigh, bump nspr release number 2021-12-01 19:30:55 -08:00
Bob Relyea
167cff7975 Resolves: rhbz#2028186 
Update to nss 3.73
Fixes cve-2021043527
 2021-12-01 11:22:54 -08:00
Bob Relyea
2fff7ce02e Update change log for previous checkin 2021-10-04 10:39:52 -07:00
Bob Relyea
8138473262 Rebase to NSS 3.71: 
Network Security Services (NSS) 3.71 was released on 30 September 2021.

The HG tag is NSS_3_71_RTM. This version of NSS requires NSPR 4.32 or newer.

NSS 3.71 source distributions are available on ftp.mozilla.org for secure HTTPS download: <https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_71_RTM/src/>

Changes:
- Bug 1717716 - Set nssckbi version number to 2.52.
- Bug 1667000 - Respect server requirements of tlsfuzzer/test-tls13-signature-algorithms.py
- Bug 1373716 - Import of PKCS#12 files with Camellia encryption is not supported
- Bug 1717707 - Add HARICA Client ECC Root CA 2021.
- Bug 1717707 - Add HARICA Client RSA Root CA 2021.
- Bug 1717707 - Add HARICA TLS ECC Root CA 2021.
- Bug 1717707 - Add HARICA TLS RSA Root CA 2021.
- Bug 1728394 - Add TunTrust Root CA certificate to NSS.
-------------------------------------

Network Security Services (NSS) 3.70 was released on 4 September 2021.

The HG tag is NSS_3_70_RTM. This version of NSS requires NSPR 4.32 or newer.

NSS 3.70 source distributions are available on ftp.mozilla.org for secure HTTPS download: <https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_70_RTM/src/>

Changes:
   - Documentation: release notes for NSS 3.70.
   - Documentation: release notes for NSS 3.69.1.
   - Bug 1726022 - Update test case to verify fix.
   - Bug 1714579 - Explicitly disable downgrade check in TlsConnectStreamTls13.EchOuterWith12Max
   - Bug 1714579 - Explicitly disable downgrade check in TlsConnectTest.DisableFalseStartOnFallback
   - Formatting for lib/util
   - Bug 1681975 - Avoid using a lookup table in nssb64d.
   - Bug 1724629 - Use HW accelerated SHA2 on AArch64 Big Endian.
   - Bug 1714579 - Change default value of enableHelloDowngradeCheck to true.
   - Formatting for gtests/pk11_gtest/pk11_hpke_unittest.cc
   - Bug 1726022 - Cache additional PBE entries.
   - Bug 1709750 - Read HPKE vectors from official JSON.
   - Documentation: update for NSS 3.69 release.
 2021-10-04 09:20:44 -07:00
Bob Relyea
af791c1ba6 Resolves: rhbz#1986627 
Turn on LTO in NSS
 2021-08-10 16:28:38 -07:00
Bob Relyea
a9f294d68c NSS 3.69 already has the sqlite patch. 2021-08-10 10:07:04 -07:00
Bob Relyea
8abf80e788 Why is rpm trying to expand stuff in a comment? (sigh) make it happy for now 2021-08-10 09:28:22 -07:00
Bob Relyea
3b8e99f54d update actual release verison for nss as well as nspr (sigh) 2021-08-10 09:21:10 -07:00
Bob Relyea
89863272ee Rebase to nss 3.69 and nspr 4.32 2021-08-10 08:50:20 -07:00
Bob Relyea
4a9ae95d97 Update nss.spec to handle scripts line rpmdev_bumpspec 2021-07-28 14:11:18 -07:00
Bob Relyea
ff3ede0b35 Mass rebuild messed up nss/nspr versioning, straighten that out now. 
https://bugzilla.redhat.com/show_bug.cgi?id=1986522
 2021-07-27 15:05:31 -07:00
Fedora Release Engineering
8a77a14ab9 - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild 
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
 2021-07-22 16:21:16 +00:00
Bob Relyea
b982271bc3 Rebase to NSS 3.67 for Firefox 91 2021-06-17 15:11:36 -07:00
Bob Relyea
f760740a2b Bump NSPR build number 2021-05-28 10:24:33 -07:00
Bob Relyea
0bf3c58252 Update to NSS 3.65 
- also handle man page update from NSS 3.66
  - disable ppcle hw support until it passes NSS tests
 2021-05-27 18:15:48 -07:00
Bob Relyea
9ff440494f - Update to 3.63 
- Update to NSPR 2.30
- Remove old dbm files and man pages
 2021-03-23 22:33:58 -07:00
Bob Relyea
0b58cf9e56 Update NSPR release number to avoid conflicts 2021-02-25 10:40:22 +01:00
Bob Relyea
535c4fae51 Rebase to nss 3.62.0 2021-02-23 14:19:08 -08:00
Kalev Lember
0b3033dcf4 Rebuild to fix broken nspr dependencies 
Problem: conflicting requests
- nothing provides nspr(x86-64) = 4.29.0-11.fc34 needed by nspr-devel-4.29.0-11.fc34.1.x86_64
 2021-02-01 19:26:35 +01:00
Fedora Release Engineering
a580405acc - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild 
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
 2021-01-26 21:43:22 +00:00
Bob Relyea
37aceda53b update nspr release number 2021-01-22 22:55:57 +00:00
Bob Relyea
2a6b0539cc Update requires so that we get the correct crypto policies 
(or all RSA and ECDSA signatures wil fail)
 2021-01-22 18:07:01 +00:00
Bob Relyea
245982b2c4 Thu Jan 21 2021 Bob Relyea <rrelyea@redhat.com> - 3.60.1-1 
Update to NSS 3.60.1
 Drop NODEPEND_FREEBL and LOWHASH
 bug 1919033
 2021-01-22 00:10:22 +00:00
Tom Stellard
6f68ada6a7 Add BuildRequires: make 
https://fedoraproject.org/wiki/Changes/Remove_make_from_BuildRoot
 2021-01-07 06:00:39 +00:00
Bob Relyea
4ecb833a82 - Work around btrfs/sqlite bug 
- Disable new policy entries until crypto-polices has been updated
 2020-12-12 10:10:46 -08:00
Daiki Ueno
8f25129254 Update to NSS 3.59 2020-12-10 19:12:51 +01:00
Daiki Ueno
a0090873a5 Replace %%{version} references in %%build with %%{nss_version} 
Suggested by Dmitry Butskoy in bz#1895447.
 2020-11-07 07:13:59 +01:00
Daiki Ueno
b09fff4da1 Add operational workaround for NVR clashes 2020-10-30 12:55:26 +01:00
Daiki Ueno
466a27e84d Use the lockstep release numbering for both nspr and nss 
Fixes #1892874
 2020-10-30 11:28:28 +01:00
Jeff Law
51aa05789c Disable -Warray-parameter warning for gcc-11 2020-10-29 13:03:57 -06:00
Daiki Ueno
3a93ebecac Whitespace cleanup 2020-10-29 13:11:08 +01:00
Daiki Ueno
ef0e3207fd Consolidate NSPR with this package 
NSPR is no longer used outside of NSS, it makes little sense to keep
it as a separate source package, but costs the packaging burden as NSS
requires a buildroot override.
 2020-10-28 15:23:41 +01:00
Bob Relyea
e698f2504c Resolves: rhbz#1861495 
Don't fail OCSP validations for intermediate certs if the root certs
are signed by sha1 and sha1 is disabled.
 2020-10-26 16:59:30 -07:00
Daiki Ueno
0d4d4780af Revert the last change, tolerate the first CCS in TLS 1.3 2020-10-26 06:55:42 +01:00
Daiki Ueno
0d673b36cc Enable TLS 1.3 middlebox compatibility mode by default 2020-10-22 17:06:28 +02:00
Daiki Ueno
f73f7ce1e4 Install pk11hpke.h 2020-10-20 11:12:33 +02:00
Daiki Ueno
e5fecd4da4 Update to NSS 3.58 2020-10-20 09:31:29 +02:00
Daiki Ueno
8b34570da2 Remove upstreamed patch 2020-09-20 16:01:57 +02:00
Daiki Ueno
6b70690de5 Update to NSS 3.57 2020-09-19 09:13:11 +02:00
Daiki Ueno
2bb137e19d Fix AArch64 build failure 2020-09-05 10:46:10 +02:00
Daiki Ueno
c77e79a71e Update to NSS 3.56 2020-08-24 08:48:58 +02:00
Daiki Ueno
614e62c67d Fix DBM backend disablement 
Also add scriptlet to migrate old DBM databases.
 2020-08-15 13:40:04 +02:00
Jeff Law
d4e86043ee Disable LTO for now 2020-08-08 13:15:55 -06:00
Daiki Ueno
661472da51 Remove unused patch 2020-08-02 07:40:16 +02:00
Daiki Ueno
08dea7d5c7 Update to NSS 3.55 
Also disable DBM support as per:
https://fedoraproject.org/wiki/Changes/NSSDBMRemoval
 2020-08-02 07:36:17 +02:00
Fedora Release Engineering
2d5d6d2cf7 - Second attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild 
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
 2020-08-01 06:34:08 +00:00
Fedora Release Engineering
d81f1e4f76 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild 
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
 2020-07-28 11:55:03 +00:00
Daiki Ueno
c2e2fc0161 Update to NSS 3.54 2020-07-15 11:28:22 +02:00
Daiki Ueno
208c55f1d2 Update after crypto-policies packaging change 
Suggested by Tomas Mraz in:
https://bugzilla.redhat.com/show_bug.cgi?id=1848649#c7
 2020-06-22 15:21:42 +02:00
Bob Relyea
965c121198 Reolves: rhbz#1843417 
Cannot compile code with pk11pub.h (an nss header) with -Werror=strict-prototypes
 2020-06-04 17:03:01 -07:00
Daiki Ueno
9699d7efc7 Update build procedure after removal of mkdepend 2020-06-02 08:52:10 +02:00
Daiki Ueno
3f35603021 Update to NSS 3.53 2020-06-01 08:08:02 +02:00
Bob Relyea
614f823eb3 Delay new CK_GCM_PARAMS semantics until fedora 34 unless explicitly enabled. 2020-05-13 16:02:36 -07:00
Daiki Ueno
26f93fa193 Restore nss-kremlin-ppc64le.patch 2020-05-11 18:38:26 +02:00
Daiki Ueno
047dc3ed4e Update to NSS 3.52 2020-05-11 18:21:55 +02:00
Daiki Ueno
fc0174ead1 Temporarily revert DBM disablement for kernel build failure (#1827902) 2020-04-25 17:16:02 +02:00
Daiki Ueno
3c018618ca Fix the last change 2020-04-20 15:57:28 +02:00
Daiki Ueno
65271d923d Enable conditional builds on DBM 2020-04-20 14:47:27 +02:00
Daiki Ueno
9ae0f0b9e1 Update to NSS 3.51.1 
Also disable building DBM backend
 2020-04-20 14:24:47 +02:00
Daiki Ueno
2b122e4485 Update to NSS 3.51 2020-04-07 11:18:10 +02:00
Tom Stellard
507a1cebf0 Use __make macro to invoke make 
Using the %__make macro makes it possible for an alternative buildroot
to inject its own flags into the make invocation.  This makes it easier
to do trial rebuilds of fedora using different compilers or different
compiler flags.
 2020-03-27 15:39:49 +00:00
Daiki Ueno
7f30e21d0f Apply CMAC fixes from upstream 2020-03-05 09:57:34 +01:00
Daiki Ueno
f512836b78 Fix build on ppc64le, due to bundled kremlin source 2020-02-17 14:30:50 +01:00
Daiki Ueno
58ca69fcaf Update to NSS 3.50 2020-02-17 13:46:37 +01:00
Daiki Ueno
bd89f2ce5c Fix build with gcc 10 2020-02-14 14:28:21 +01:00
Daiki Ueno
9e1e74ca17 Ignore false-positive compiler warnings with gcc 10 2020-02-14 12:07:57 +01:00
Daiki Ueno
656c979c95 Suppress compiler warning (treated as fatal) in libpkix 2020-02-14 10:48:31 +01:00
Fedora Release Engineering
0b17c92d39 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild 
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
 2020-01-29 19:15:25 +00:00
Daiki Ueno
3c27dc2471 Revert "pass %{_smp_mflags} to make to speed up the build" 
This reverts commit 6e689ce0cb.

This still has a race condition and causes the build fail.
 2020-01-27 11:07:50 +01:00
Daiki Ueno
36505c331d Update to NSS 3.49.2 2020-01-27 10:24:30 +01:00
Kamil Dudka
6e689ce0cb pass %{_smp_mflags} to make to speed up the build 
I tried an uncached build of nss on Fedora 30 VM with 8 CPU cores
and the build time was reduced with this patch from 540 s to 250 s
of wall-clock time.
 2020-01-24 11:17:23 +01:00
Daiki Ueno
703a4f9a95 Remove leftover debug command in %build 2020-01-11 09:02:36 +01:00
Daiki Ueno
1e2f8acd14 Fix build on armv7hl with the patch proposed in upstream 2020-01-10 17:26:33 +01:00
Daiki Ueno
74b268dbd9 Update to NSS 3.49 2020-01-10 10:35:28 +01:00
Daiki Ueno
541296170e Update to NSS 3.48 2020-01-03 10:59:30 +01:00
Daiki Ueno
a8a8d020bf Update nss-3.47-certdb-temp-cert.patch to avoid setting empty trust value 2019-12-03 15:51:55 +01:00
Daiki Ueno
704f2e22d6 Update nss-3.47-certdb-temp-cert.patch to the final version 2019-12-03 09:31:24 +01:00
Daiki Ueno
4f639ad73c Fix intermittent SEC_ERROR_UNKNOWN_ISSUER (#1752303, #1648617) 2019-11-28 16:13:41 +01:00
Daiki Ueno
8c9ed11be4 Update to NSS 3.47.1 2019-11-22 18:01:14 +01:00
Bob Relyea
115989f50d Correct change log error so it doesn't propogate to the next patch 2019-11-06 09:16:51 -08:00
Bob Relyea
2ec4745f30 Resolves: rhbz#1768652 
NSS softoken does not include CKM_NSS_IKE1_APP_B_PRF_DERIVE in it's mechanism list, causing libreswan to crash.
 2019-11-04 13:51:40 -08:00
Daiki Ueno
626f1941fd Install cmac.h required by blapi.h (#1764513) 2019-10-23 10:44:14 +02:00
Daiki Ueno
16706fe38d Update to NSS 3.47 2019-10-22 15:22:45 +02:00
Daiki Ueno
d86af7693a Update to NSS 3.46.1 2019-10-21 13:39:30 +02:00
Daiki Ueno
fa84af3e06 Require NSPR 4.22 2019-09-04 06:31:23 +02:00
Daiki Ueno
2f14d11d0d Update to NSS 3.46 2019-09-03 09:42:24 +02:00
Daiki Ueno
3f3c20ae17 Update to NSS 3.45 2019-08-29 15:38:15 +02:00
Fedora Release Engineering
326f5d0c9a - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild 
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
 2019-07-25 22:36:13 +00:00
Daiki Ueno
c5b7db61f4 Fix CAVS testdir creation 2019-07-03 15:59:50 +02:00
Daiki Ueno
c7e445694f Update to NSS 3.44.1 2019-07-02 12:55:10 +02:00
Daiki Ueno
3ea5d2fb0e Skip TLS 1.3 tests under FIPS mode 2019-05-20 11:09:19 +02:00
Daiki Ueno
4567b678cc Update to NSS 3.44 2019-05-17 13:03:12 +02:00
Daiki Ueno
141e716639 Fix PKCS#11 module leak if C_GetSlotInfo() failed 2019-05-06 18:33:40 +02:00
Elio Maldonado
5deb5dd362 Update nspr_version to 4.21.0 and remove obsolete comment 2019-03-26 08:25:09 -07:00
Daiki Ueno
d3f6891026 Update to NSS 3.43 2019-03-21 10:33:02 +01:00