From 5c88c88a731c6c3dd71783f562454efc04b6de20 Mon Sep 17 00:00:00 2001
From: CentOS Sources <bugs@centos.org>
Date: Nov 16 2016 03:25:54 +0000
Subject: import nss-util-3.21.3-1.1.el7_3


---

diff --git a/.gitignore b/.gitignore
index aa8148b..47ef717 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1 @@
-SOURCES/nss-util-3.21.0.tar.gz
+SOURCES/nss-util-3.21.3.tar.gz
diff --git a/.nss-util.metadata b/.nss-util.metadata
index 3f37be8..75e24d8 100644
--- a/.nss-util.metadata
+++ b/.nss-util.metadata
@@ -1 +1 @@
-d812083a23ddf6d1a7262ef8799b1d418126688a SOURCES/nss-util-3.21.0.tar.gz
+5fbd7801bca0ececb9867770af7beb2b6cf43a91 SOURCES/nss-util-3.21.3.tar.gz
diff --git a/SOURCES/cve-2016-1950.patch b/SOURCES/cve-2016-1950.patch
deleted file mode 100644
index b6f4f3c..0000000
--- a/SOURCES/cve-2016-1950.patch
+++ /dev/null
@@ -1,141 +0,0 @@
-
-# HG changeset patch
-# User David Keeler <dkeeler@mozilla.com>
-# Date 1455892169 -3600
-# Node ID b9a31471759d751a56bf261b24c138c8f5d3925f
-# Parent  9e2af044dfa443ccff8587177c8f1b5b7b627f37
-bug 1245528 - fix bugs in ASN.1 decoding, r=ryan.sleevi
-
-diff --git a/lib/util/secasn1d.c b/lib/util/secasn1d.c
---- a/lib/util/secasn1d.c
-+++ b/lib/util/secasn1d.c
-@@ -9,16 +9,18 @@
- 
- /* #define DEBUG_ASN1D_STATES 1 */
- 
- #ifdef DEBUG_ASN1D_STATES
- #include <stdio.h>
- #define PR_Assert sec_asn1d_Assert
- #endif
- 
-+#include <limits.h>
-+
- #include "secasn1.h"
- #include "secerr.h"
- 
- typedef enum {
-     beforeIdentifier,
-     duringIdentifier,
-     afterIdentifier,
-     beforeLength,
-@@ -1588,28 +1590,63 @@ sec_asn1d_parse_leaf (sec_asn1d_state *s
- 
-     if (state->pending < len)
- 	len = state->pending;
- 
-     bufLen = len;
- 
-     item = (SECItem *)(state->dest);
-     if (item != NULL && item->data != NULL) {
-+	unsigned long offset;
- 	/* Strip leading zeroes when target is unsigned integer */
- 	if (state->underlying_kind == SEC_ASN1_INTEGER && /* INTEGER   */
- 	    item->len == 0 &&                             /* MSB       */
- 	    item->type == siUnsignedInteger)              /* unsigned  */
- 	{
- 	    while (len > 1 && buf[0] == 0) {              /* leading 0 */
- 		buf++;
- 		len--;
- 	    }
- 	}
--	PORT_Memcpy (item->data + item->len, buf, len);
--	item->len += len;
-+        offset = item->len;
-+        if (state->underlying_kind == SEC_ASN1_BIT_STRING) {
-+            // The previous bit string must have no unused bits.
-+            if (item->len & 0x7) {
-+                PORT_SetError (SEC_ERROR_BAD_DER);
-+                state->top->status = decodeError;
-+                return 0;
-+            }
-+            // If this is a bit string, the length is bits, not bytes.
-+            offset = item->len >> 3;
-+        }
-+        if (state->underlying_kind == SEC_ASN1_BIT_STRING) {
-+            unsigned long len_in_bits;
-+            // Protect against overflow during the bytes-to-bits conversion.
-+            if (len >= (ULONG_MAX >> 3) + 1) {
-+                PORT_SetError (SEC_ERROR_BAD_DER);
-+                state->top->status = decodeError;
-+                return 0;
-+            }
-+            len_in_bits = (len << 3) - state->bit_string_unused_bits;
-+            // Protect against overflow when computing the total length in bits.
-+            if (UINT_MAX - item->len < len_in_bits) {
-+                PORT_SetError (SEC_ERROR_BAD_DER);
-+                state->top->status = decodeError;
-+                return 0;
-+            }
-+            item->len += len_in_bits;
-+        } else {
-+            if (UINT_MAX - item->len < len) {
-+                PORT_SetError (SEC_ERROR_BAD_DER);
-+                state->top->status = decodeError;
-+                return 0;
-+            }
-+            item->len += len;
-+        }
-+        PORT_Memcpy (item->data + offset, buf, len);
-     }
-     state->pending -= bufLen;
-     if (state->pending == 0)
- 	state->place = beforeEndOfContents;
- 
-     return bufLen;
- }
- 
-@@ -1666,24 +1703,16 @@ sec_asn1d_parse_more_bit_string (sec_asn
- 	} else {
- 	    /* An empty bit string with no unused bits is OK. */
- 	    state->place = beforeEndOfContents;
- 	}
- 	return 0;
-     }
- 
-     len = sec_asn1d_parse_leaf (state, buf, len);
--    if (state->place == beforeEndOfContents && state->dest != NULL) {
--	SECItem *item;
--
--	item = (SECItem *)(state->dest);
--	if (item->len)
--	    item->len = (item->len << 3) - state->bit_string_unused_bits;
--    }
--
-     return len;
- }
- 
- 
- /*
-  * XXX All callers should be looking at return value to detect
-  * out-of-memory errors (and stop!).
-  */
-@@ -2203,17 +2232,17 @@ sec_asn1d_concat_substrings (sec_asn1d_s
- 			? PR_TRUE : PR_FALSE;
- 
- 	substring = state->subitems_head;
- 	while (substring != NULL) {
- 	    /*
- 	     * All bit-string substrings except the last one should be
- 	     * a clean multiple of 8 bits.
- 	     */
--	    if (is_bit_string && (substring->next == NULL)
-+	    if (is_bit_string && (substring->next != NULL)
- 			      && (substring->len & 0x7)) {
- 		PORT_SetError (SEC_ERROR_BAD_DER);
- 		state->top->status = decodeError;
- 		return;
- 	    }
- 	    item_len += substring->len;
- 	    substring = substring->next;
- 	}
-
diff --git a/SPECS/nss-util.spec b/SPECS/nss-util.spec
index 81b6c16..eaddc20 100644
--- a/SPECS/nss-util.spec
+++ b/SPECS/nss-util.spec
@@ -4,8 +4,8 @@
 
 Summary:          Network Security Services Utilities Library
 Name:             nss-util
-Version:          3.21.0
-Release:          2.2%{?dist}
+Version:          3.21.3
+Release:          1.1%{?dist}
 License:          MPLv2.0
 URL:              http://www.mozilla.org/projects/security/pki/nss/
 Group:            System Environment/Libraries
@@ -41,7 +41,6 @@ Patch7: pkcs1sig-include-prtypes.patch
 # Upstream: https://bugzilla.mozilla.org/show_bug.cgi?id=951455
 # Upstream: https://bugzilla.mozilla.org/show_bug.cgi?id=923089
 Patch8: nss-util-3.19.1-tls12-mechanisms.patch
-Patch10: cve-2016-1950.patch
 
 %description
 Utilities for Network Security Services and the Softoken module
@@ -66,9 +65,6 @@ Header and library files for doing development with Network Security Services.
 %patch2 -p0 -b .prtypes
 %patch7 -p0 -b .include_prtypes
 %patch8 -p1 -b .tls12_mechs
-pushd nss
-%patch10 -p1 -b .cve-2016-1950
-popd
 
 
 %build
@@ -239,21 +235,25 @@ done
 %{_includedir}/nss3/templates/templates.c
 
 %changelog
-* Wed Mar 30 2016 Kai Engert <kaie@redhat.com> - 3.21.0-2.2
-- Rebase to nss-util from nss 3.21
-- Add aliases for naming compatibility with prior release
+* Wed Nov 02 2016 Kai Engert <kaie@redhat.com> - 3.21.3-1.1
+- rebuild
 
-* Thu Mar 03 2016 Kai Engert <kaie@redhat.com> - 3.19.1-9
-- Actually apply the fix for CVE-2016-1950 from NSS 3.19.2.3 ...
+* Mon Oct 24 2016 Daiki Ueno <dueno@redhat.com> - 3.21.3-1
+- Rebase to nss-3.21.3
+- Remove patch for CVE-2016-1950, which is included in the release
+- Related: Bug 1347908
 
-* Thu Feb 25 2016 Kai Engert <kaie@redhat.com> - 3.19.1-8
-- Fix a spec file syntax error
+* Mon Apr 18 2016 Elio Maldonado <emaldona@redhat.com> - 3.21.0-4
+- Manual merge from the rhel-7.2 branch
+- Fix one alias for naming compatibility with prior release
+- Remove an unused patch
 
-* Thu Feb 25 2016 Kai Engert <kaie@redhat.com> - 3.19.1-7
-- Rebuild to ensure use of correct NSPR.
+* Mon Feb 22 2016 Kai Engert <kaie@redhat.com> - 3.21.0-3
+- Added upstream patch for CVE-2016-1950
 
-* Wed Feb 24 2016 Kai Engert <kaie@redhat.com> - 3.19.1-6
-- Include the fix for CVE-2016-1950 from NSS 3.19.2.3
+* Thu Jan 28 2016 Elio Maldonado <emaldona@redhat.com> - 3.21.0-1
+- Rebase to nss-util from nss 3.21
+- Resolves: Bug 1297940 - Rebase RHEL 7.3 to NSS-util 3.21 in preparation for Firefox 45
 
 * Fri Nov 20 2015 Elio Maldonado <emaldona@redhat.com> - 3.19.1-5
 - Merge security fix from the RHEL-7.1 branch