diff --git a/.nss-util.metadata b/.nss-util.metadata index feaf034..e57f3e0 100644 --- a/.nss-util.metadata +++ b/.nss-util.metadata @@ -1 +1 @@ -be63cb87ef4c587ed2be75571d6214183ca4c1d8 SOURCES/nss-util-3.15.2.tar.bz2 +b7773277cb0c3e187cc8a4f4af4d4fd59b739650 SOURCES/nss-util-3.15.4.tar.gz diff --git a/SOURCES/hasht-dont-include-prtypes.patch b/SOURCES/hasht-dont-include-prtypes.patch index 46efefb..6f85c8e 100644 --- a/SOURCES/hasht-dont-include-prtypes.patch +++ b/SOURCES/hasht-dont-include-prtypes.patch @@ -1,7 +1,7 @@ diff -up ./nss/lib/util/hasht.h.prtypes ./nss/lib/util/hasht.h ---- ./nss/lib/util/hasht.h.prtypes 2013-04-19 09:56:51.656957336 -0700 -+++ ./nss/lib/util/hasht.h 2013-04-19 09:57:19.841115823 -0700 -@@ -6,7 +6,6 @@ +--- ./nss/lib/util/hasht.h.prtypes 2013-11-09 09:23:30.000000000 -0800 ++++ ./nss/lib/util/hasht.h 2013-11-25 02:59:15.481044180 -0800 +@@ -5,7 +5,6 @@ #ifndef _HASHT_H_ #define _HASHT_H_ diff --git a/SOURCES/nss-split-util.sh b/SOURCES/nss-split-util.sh index 0099bcf..b56debe 100755 --- a/SOURCES/nss-split-util.sh +++ b/SOURCES/nss-split-util.sh @@ -16,9 +16,9 @@ fi export name=nss export version=$1 -echo "Extracting ${name}-${version}.tar.bz2" +echo "Extracting ${name}-${version}.tar.gz" -tar -xjf ${name}-${version}.tar.bz2 +tar -xzf ${name}-${version}.tar.gz # the directory will be named ${name}-${version} @@ -62,7 +62,7 @@ cp ${nss_source_dir}/nss/lib/manifest.mn ${UTIL_WORK}/${util_dir}/nss/lib cp -a ${nss_source_dir}/nss/lib/util ${UTIL_WORK}/${util_dir}/nss/lib/util pushd ${UTIL_WORK} # the compressed tar ball for nss-util -tar -cjf ../${name}-util-${version}.tar.bz2 ${util_dir} +tar -czf ../${name}-util-${version}.tar.gz ${util_dir} popd # cleanup after ourselves diff --git a/SOURCES/nss-util-ecc-list-3.15.3.patch b/SOURCES/nss-util-ecc-list-3.15.3.patch new file mode 100644 index 0000000..288dbf2 --- /dev/null +++ b/SOURCES/nss-util-ecc-list-3.15.3.patch @@ -0,0 +1,16 @@ +diff -up ./nss/lib/util/utilmodt.h.ecc_list ./nss/lib/util/utilmodt.h +--- ./nss/lib/util/utilmodt.h.ecc_list 2013-12-04 10:19:17.393804242 -0800 ++++ ./nss/lib/util/utilmodt.h 2013-12-04 10:22:28.541804170 -0800 +@@ -23,10 +23,11 @@ + #define SECMOD_SSL_FLAG 0x00000800L + #define SECMOD_TLS_FLAG 0x00001000L + #define SECMOD_AES_FLAG 0x00002000L +-#define SECMOD_SHA256_FLAG 0x00004000L ++#define SECMOD_SHA256_FLAG 0x00004000L /* also for SHA224 */ + #define SECMOD_SHA512_FLAG 0x00008000L /* also for SHA384 */ + #define SECMOD_CAMELLIA_FLAG 0x00010000L /* = PUBLIC_MECH_CAMELLIA_FLAG */ + #define SECMOD_SEED_FLAG 0x00020000L ++#define SECMOD_ECC_FLAG 0x00040000L + /* reserved bit for future, do not use */ + #define SECMOD_RESERVED_FLAG 0X08000000L + #define SECMOD_FRIENDLY_FLAG 0x10000000L diff --git a/SPECS/nss-util.spec b/SPECS/nss-util.spec index 7e45390..adb9e8b 100644 --- a/SPECS/nss-util.spec +++ b/SPECS/nss-util.spec @@ -1,9 +1,9 @@ -%global nspr_version 4.10 +%global nspr_version 4.10.2 Summary: Network Security Services Utilities Library Name: nss-util -Version: 3.15.2 -Release: 1%{?dist} +Version: 3.15.4 +Release: 2%{?dist} License: MPLv2.0 URL: http://www.mozilla.org/projects/security/pki/nss/ Group: System Environment/Libraries @@ -16,16 +16,16 @@ BuildRequires: gawk BuildRequires: psmisc BuildRequires: perl -Source0: %{name}-%{version}.tar.bz2 -# The nss-util tar ball is a subset of nss-{version}.tar.bz2 -# We use the nss-split-util.sh script for keeping only what we need. -# nss-util is produced via via nss-split-util.sh {name}-{version} +Source0: %{name}-%{version}.tar.gz +# The nss-util tar ball is a subset of nss-{version}.tar.gz. +# We use the nss-split-util.sh script for keeping only what we need +# nss-util is produced via via nss-split-util.sh {version} # Detailed Steps: # rhppkg clone nss-util # cd nss-util # Make the source tarball for nss-util out of the nss one: # sh ./nss-split-util.sh ${version} -# A file named ${name}-${version}.tar.bz2 should appear +# A file named ${name}-${version}.tar.gz should appear # ready to upload to the lookaside cache. Source1: nss-split-util.sh Source2: nss-util.pc.in @@ -33,6 +33,7 @@ Source3: nss-util-config.in Patch1: build-nss-util-only.patch Patch2: hasht-dont-include-prtypes.patch +Patch3: nss-util-ecc-list-3.15.3.patch %description Utilities for Network Security Services and the Softoken module @@ -55,6 +56,7 @@ Header and library files for doing development with Network Security Services. %setup -q %patch1 -p0 -b .utilonly %patch2 -p0 -b .prtypes +%patch3 -p0 -b .ecc_list %build @@ -112,8 +114,8 @@ NSSUTIL_VMAJOR=`cat nss/lib/util/nssutil.h | grep "#define.*NSSUTIL_VMAJOR" | aw NSSUTIL_VMINOR=`cat nss/lib/util/nssutil.h | grep "#define.*NSSUTIL_VMINOR" | awk '{print $3}'` NSSUTIL_VPATCH=`cat nss/lib/util/nssutil.h | grep "#define.*NSSUTIL_VPATCH" | awk '{print $3}'` -export NSSUTIL_VMAJOR -export NSSUTIL_VMINOR +export NSSUTIL_VMAJOR +export NSSUTIL_VMINOR export NSSUTIL_VPATCH %{__cat} %{SOURCE3} | sed -e "s,@libdir@,%{_libdir},g" \ @@ -220,9 +222,24 @@ done %{_includedir}/nss3/templates/templates.c %changelog -* Mon Oct 21 2013 Elio Maldonado - 3.15.2-1 -- Update to nss-util from nss-3.15.2 -- Resolves: rhbz#1012678 - pick up NSS-UTIL 3.15.2 +* Fri Jan 24 2014 Daniel Mach - 3.15.4-2 +- Mass rebuild 2014-01-24 + +* Sun Jan 19 2014 Elio Maldonado - 3.15.3-4 +- Update to nss-3.15.4 +- Modified the nss-split-util script to use the nss upstream pristine sources +- Resolves: Bug 1054457 - CVE-2013-1740 nss: false start PR_Recv information disclosure security issue [rhel-7.0] + +* Thu Jan 09 2014 Elio Maldonado - 3.15.3-3 +- Add the nss-util portion of a fix for a bug in nss and nss-util +- Resolves: Bug 752980 - Support ECDSA via pluggable ECC in the nss package + +* Fri Dec 27 2013 Daniel Mach - 3.15.3-2 +- Mass rebuild 2013-12-27 + +* Mon Nov 25 2013 Elio Maldonado - 3.15.3-1 +- Update to NSS_3_15_3_RTM +- Resolves: Bug 1031463 - CVE-2013-5605 CVE-2013-5606 CVE-2013-1741 * Tue Aug 06 2013 Elio Maldonado - 3.15.1-2 - Remove an obsolete script and adjust sources numbering accordingly.