Commit Graph

605 Commits

Author SHA1 Message Date
Bob Relyea
7983668370 Fix compile issues found during the Fedora 38 rebuild.
(SECStatus is an enum and can't be assigned to and int)
2023-01-24 14:03:27 -08:00
Fedora Release Engineering
ea71f8dfa8 Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2023-01-19 21:49:27 +00:00
Frantisek Krenzelok
e88705bd74
Update NSS to 3.87 & remove unused patches
Signed-off-by: Frantisek Krenzelok <krenzelok.frantisek@gmail.com>
2023-01-10 21:13:44 +01:00
Bob Relyea
1c86aae278 Fix nss.spec syntax error 2022-11-17 15:45:22 -08:00
Bob Relyea
faa802de5a Update NSS to 3.85 (rhbz#214318) 2022-11-17 14:49:13 -08:00
Bob Relyea
b3fa07dc54 Rebase to nss 3.83 and nspr 4.35. 2022-09-20 22:24:17 -07:00
Bob Relyea
297e6280a5 Add dbtool to rawhide 2022-09-09 10:28:21 -07:00
Bob Relyea
37b1b613d2 Fix release tag syntax error 2022-07-21 12:44:36 -07:00
Bob Relyea
3b1f91342a Rebase to nss 3.81 2022-07-21 12:32:20 -07:00
Bob Relyea
a9f44e8e59 bug#2097663
Fix crash when getting client cert and there is none in the database.
2022-06-16 14:22:48 -07:00
Bob Relyea
e5848562c6 Rebase NSS to 3.79
Rebase NSPR to 3.43
2022-05-31 14:12:36 -07:00
Bob Relyea
8c57561b09 Update to nss 3.77 2022-04-04 16:22:35 -07:00
Bob Relyea
5b97003412 Resolves: rhbz#2046773
Update to NSS 3.75
fix FTBFS issue
2022-02-05 11:05:11 -08:00
Fedora Release Engineering
1ef41fe34b - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2022-01-20 21:26:50 +00:00
Bob Relyea
7939bc1609 Sigh, bump nspr release number 2021-12-01 19:30:55 -08:00
Bob Relyea
167cff7975 Resolves: rhbz#2028186
Update to nss 3.73
Fixes cve-2021043527
2021-12-01 11:22:54 -08:00
Bob Relyea
2fff7ce02e Update change log for previous checkin 2021-10-04 10:39:52 -07:00
Bob Relyea
8138473262 Rebase to NSS 3.71:
Network Security Services (NSS) 3.71 was released on 30 September 2021.

The HG tag is NSS_3_71_RTM. This version of NSS requires NSPR 4.32 or newer.

NSS 3.71 source distributions are available on ftp.mozilla.org for secure HTTPS download: <https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_71_RTM/src/>

Changes:
- Bug 1717716 - Set nssckbi version number to 2.52.
- Bug 1667000 - Respect server requirements of tlsfuzzer/test-tls13-signature-algorithms.py
- Bug 1373716 - Import of PKCS#12 files with Camellia encryption is not supported
- Bug 1717707 - Add HARICA Client ECC Root CA 2021.
- Bug 1717707 - Add HARICA Client RSA Root CA 2021.
- Bug 1717707 - Add HARICA TLS ECC Root CA 2021.
- Bug 1717707 - Add HARICA TLS RSA Root CA 2021.
- Bug 1728394 - Add TunTrust Root CA certificate to NSS.
-------------------------------------

Network Security Services (NSS) 3.70 was released on 4 September 2021.

The HG tag is NSS_3_70_RTM. This version of NSS requires NSPR 4.32 or newer.

NSS 3.70 source distributions are available on ftp.mozilla.org for secure HTTPS download: <https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_70_RTM/src/>

Changes:
   - Documentation: release notes for NSS 3.70.
   - Documentation: release notes for NSS 3.69.1.
   - Bug 1726022 - Update test case to verify fix.
   - Bug 1714579 - Explicitly disable downgrade check in TlsConnectStreamTls13.EchOuterWith12Max
   - Bug 1714579 - Explicitly disable downgrade check in TlsConnectTest.DisableFalseStartOnFallback
   - Formatting for lib/util
   - Bug 1681975 - Avoid using a lookup table in nssb64d.
   - Bug 1724629 - Use HW accelerated SHA2 on AArch64 Big Endian.
   - Bug 1714579 - Change default value of enableHelloDowngradeCheck to true.
   - Formatting for gtests/pk11_gtest/pk11_hpke_unittest.cc
   - Bug 1726022 - Cache additional PBE entries.
   - Bug 1709750 - Read HPKE vectors from official JSON.
   - Documentation: update for NSS 3.69 release.
2021-10-04 09:20:44 -07:00
Bob Relyea
af791c1ba6 Resolves: rhbz#1986627
Turn on LTO in NSS
2021-08-10 16:28:38 -07:00
Bob Relyea
a9f294d68c NSS 3.69 already has the sqlite patch. 2021-08-10 10:07:04 -07:00
Bob Relyea
8abf80e788 Why is rpm trying to expand stuff in a comment? (sigh) make it happy for now 2021-08-10 09:28:22 -07:00
Bob Relyea
3b8e99f54d update actual release verison for nss as well as nspr (sigh) 2021-08-10 09:21:10 -07:00
Bob Relyea
89863272ee Rebase to nss 3.69 and nspr 4.32 2021-08-10 08:50:20 -07:00
Bob Relyea
4a9ae95d97 Update nss.spec to handle scripts line rpmdev_bumpspec 2021-07-28 14:11:18 -07:00
Bob Relyea
ff3ede0b35 Mass rebuild messed up nss/nspr versioning, straighten that out now.
https://bugzilla.redhat.com/show_bug.cgi?id=1986522
2021-07-27 15:05:31 -07:00
Fedora Release Engineering
8a77a14ab9 - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2021-07-22 16:21:16 +00:00
Bob Relyea
b982271bc3 Rebase to NSS 3.67 for Firefox 91 2021-06-17 15:11:36 -07:00
Bob Relyea
f760740a2b Bump NSPR build number 2021-05-28 10:24:33 -07:00
Bob Relyea
0bf3c58252 Update to NSS 3.65
- also handle man page update from NSS 3.66
  - disable ppcle hw support until it passes NSS tests
2021-05-27 18:15:48 -07:00
Bob Relyea
9ff440494f - Update to 3.63
- Update to NSPR 2.30
- Remove old dbm files and man pages
2021-03-23 22:33:58 -07:00
Bob Relyea
0b58cf9e56 Update NSPR release number to avoid conflicts 2021-02-25 10:40:22 +01:00
Bob Relyea
535c4fae51 Rebase to nss 3.62.0 2021-02-23 14:19:08 -08:00
Kalev Lember
0b3033dcf4 Rebuild to fix broken nspr dependencies
Problem: conflicting requests
- nothing provides nspr(x86-64) = 4.29.0-11.fc34 needed by nspr-devel-4.29.0-11.fc34.1.x86_64
2021-02-01 19:26:35 +01:00
Fedora Release Engineering
a580405acc - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2021-01-26 21:43:22 +00:00
Bob Relyea
37aceda53b update nspr release number 2021-01-22 22:55:57 +00:00
Bob Relyea
2a6b0539cc Update requires so that we get the correct crypto policies
(or all RSA and ECDSA signatures wil fail)
2021-01-22 18:07:01 +00:00
Bob Relyea
245982b2c4 Thu Jan 21 2021 Bob Relyea <rrelyea@redhat.com> - 3.60.1-1
Update to NSS 3.60.1
 Drop NODEPEND_FREEBL and LOWHASH
 bug 1919033
2021-01-22 00:10:22 +00:00
Tom Stellard
6f68ada6a7 Add BuildRequires: make
https://fedoraproject.org/wiki/Changes/Remove_make_from_BuildRoot
2021-01-07 06:00:39 +00:00
Bob Relyea
4ecb833a82 - Work around btrfs/sqlite bug
- Disable new policy entries until crypto-polices has been updated
2020-12-12 10:10:46 -08:00
Daiki Ueno
8f25129254 Update to NSS 3.59 2020-12-10 19:12:51 +01:00
Daiki Ueno
a0090873a5 Replace %%{version} references in %%build with %%{nss_version}
Suggested by Dmitry Butskoy in bz#1895447.
2020-11-07 07:13:59 +01:00
Daiki Ueno
b09fff4da1 Add operational workaround for NVR clashes 2020-10-30 12:55:26 +01:00
Daiki Ueno
466a27e84d Use the lockstep release numbering for both nspr and nss
Fixes #1892874
2020-10-30 11:28:28 +01:00
Jeff Law
51aa05789c Disable -Warray-parameter warning for gcc-11 2020-10-29 13:03:57 -06:00
Daiki Ueno
3a93ebecac Whitespace cleanup 2020-10-29 13:11:08 +01:00
Daiki Ueno
ef0e3207fd Consolidate NSPR with this package
NSPR is no longer used outside of NSS, it makes little sense to keep
it as a separate source package, but costs the packaging burden as NSS
requires a buildroot override.
2020-10-28 15:23:41 +01:00
Bob Relyea
e698f2504c Resolves: rhbz#1861495
Don't fail OCSP validations for intermediate certs if the root certs
are signed by sha1 and sha1 is disabled.
2020-10-26 16:59:30 -07:00
Daiki Ueno
0d4d4780af Revert the last change, tolerate the first CCS in TLS 1.3 2020-10-26 06:55:42 +01:00
Daiki Ueno
0d673b36cc Enable TLS 1.3 middlebox compatibility mode by default 2020-10-22 17:06:28 +02:00
Daiki Ueno
f73f7ce1e4 Install pk11hpke.h 2020-10-20 11:12:33 +02:00