Login
[x]
Log in using an account from:
Fedora Account System
Red Hat Associate
Red Hat Customer
Or login using a Red Hat Bugzilla account
Forgot Password
Login:
Hide Forgot
Create an Account
Red Hat Bugzilla – Attachment 910798 Details for
Bug 1110860
Rebase nss in RHEL 5.11 to NSS 3.16.1 (required for FF 31)
[?]
New
Simple Search
Advanced Search
My Links
Browse
Requests
Reports
Current State
Search
Tabular reports
Graphical reports
Duplicates
Other Reports
User Changes
Plotly Reports
Bug Status
Bug Severity
Non-Defaults
|
Product Dashboard
Help
Page Help!
Bug Writing Guidelines
What's new
Browser Support Policy
5.0.4.rh83 Release notes
FAQ
Guides index
User guide
Web Services
Contact
Legal
This site requires JavaScript to be enabled to function correctly, please enable it.
[patch]
all changes needed to rebase to nss-3.16.1 - in patch format
nsschanges.patch (text/plain), 6.71 KB, created by
Elio Maldonado Batiz
on 2014-06-20 14:47:07 UTC
(
hide
)
Description:
all changes needed to rebase to nss-3.16.1 - in patch format
Filename:
MIME Type:
Creator:
Elio Maldonado Batiz
Created:
2014-06-20 14:47:07 UTC
Size:
6.71 KB
patch
obsolete
>diff --git a/.gitignore b/.gitignore >index d5bece2..d3c92d5 100644 >--- a/.gitignore >+++ b/.gitignore >@@ -8,4 +8,4 @@ > /TestCA.ca.cert > /TestUser50.cert > /TestUser51.cert >-/nss-3.15.3.tar.bz2 >+/nss-3.16.1.tar.bz2 >diff --git a/nss-ssl-cbc-random-iv-off-by-default.patch b/nss-ssl-cbc-random-iv-off-by-default.patch >index 5856f77..76eb1a9 100644 >--- a/nss-ssl-cbc-random-iv-off-by-default.patch >+++ b/nss-ssl-cbc-random-iv-off-by-default.patch >@@ -1,16 +1,16 @@ > diff -up nss/lib/ssl/sslsock.c.cbcrandomivoff nss/lib/ssl/sslsock.c >---- nss/lib/ssl/sslsock.c.cbcrandomivoff 2013-05-30 22:20:52.181292812 -0700 >-+++ nss/lib/ssl/sslsock.c 2013-05-30 22:20:52.194292913 -0700 >-@@ -152,7 +152,7 @@ static sslOptions ssl_defaults = { >+--- nss/lib/ssl/sslsock.c.cbcrandomivoff 2014-05-20 14:46:57.256630822 -0700 >++++ nss/lib/ssl/sslsock.c 2014-05-20 14:50:02.124647777 -0700 >+@@ -77,7 +77,7 @@ static sslOptions ssl_defaults = { > 3, /* enableRenegotiation (default: transitional) */ > PR_FALSE, /* requireSafeNegotiation */ > PR_FALSE, /* enableFalseStart */ > - PR_TRUE, /* cbcRandomIV */ > + PR_FALSE, /* cbcRandomIV */ /* defaults to off for compatibility */ >- PR_FALSE /* enableOCSPStapling */ >- }; >- >-@@ -2913,9 +2913,9 @@ ssl_SetDefaultsFromEnvironment(void) >+ PR_FALSE, /* enableOCSPStapling */ >+ PR_TRUE, /* enableNPN */ >+ PR_FALSE /* enableALPN */ >+@@ -2883,9 +2883,9 @@ ssl_SetDefaultsFromEnvironment(void) > PR_TRUE)); > } > ev = getenv("NSS_SSL_CBC_RANDOM_IV"); >diff --git a/nss.spec b/nss.spec >index 985a7ab..8172780 100644 >--- a/nss.spec >+++ b/nss.spec >@@ -1,4 +1,4 @@ >-%global nspr_version 4.10.2 >+%global nspr_version 4.10.6 > %global unsupported_tools_directory %{_libdir}/nss/unsupported-tools > %global fips_source_version 3.14.3 > %global fips_validated_nss %{name}-%{fips_source_version} >@@ -7,8 +7,8 @@ > > Summary: Network Security Services > Name: nss >-Version: 3.15.3 >-Release: 6%{?dist} >+Version: 3.16.1 >+Release: 1%{?dist} > License: MPLv2.0 > URL: http://www.mozilla.org/projects/security/pki/nss/ > Group: System Environment/Libraries >@@ -118,7 +118,6 @@ Patch79: define-uint32.patch > Patch80: nss-build-without-softoken-but-with-util.patch > Patch81: nocertcgi.patch > Patch170: cpuinfo4fbst.patch >-Patch58: revoking-trust-in-one-anssi-certificate.patch > > %description > Network Security Services (NSS) is a set of libraries designed to >@@ -216,9 +215,6 @@ rm -rf nss/lib/sysinit > %patch70 -p0 -b .cpuinfo > %patch81 -p0 -b .nocertcgi > %patch80 -p0 -b .util >-pushd nss >-%patch58 -p1 -b .1042684 >-popd > > # Apply the patches to the tree where we build freebl/softoken > cd nss-softokn-util-%{fips_source_version} >@@ -928,6 +924,10 @@ done > > > %changelog >+* Wed Jun 18 2014 Elio Maldonado <emaldona@redhat.com> - 3.16.1-1 >+- Rebase to nss-3.16.1 for FF31 >+- Resolves: Bug 1110860 - Rebase nss in RHEL 5.11 to NSS 3.16.1, required for FF 31 >+ > * Tue Apr 29 2014 Elio Maldonado <emaldona@redhat.com> - 3.15.3-6 > - Remove unused and obsolete patches > - Related: Bug 1032468 >diff --git a/revoking-trust-in-one-anssi-certificate.patch b/revoking-trust-in-one-anssi-certificate.patch >deleted file mode 100644 >index c5f3b01..0000000 >--- a/revoking-trust-in-one-anssi-certificate.patch >+++ /dev/null >@@ -1,72 +0,0 @@ >-diff --git a/lib/ckfw/builtins/nssckbi.h b/lib/ckfw/builtins/nssckbi.h >---- a/lib/ckfw/builtins/nssckbi.h >-+++ b/lib/ckfw/builtins/nssckbi.h >-@@ -40,18 +40,18 @@ >- * ... >- * - NSS 3.29 branch: 250-255 >- * >- * NSS_BUILTINS_LIBRARY_VERSION_MINOR is a CK_BYTE. It's not clear >- * whether we may use its full range (0-255) or only 0-99 because >- * of the comment in the CK_VERSION type definition. >- */ >- #define NSS_BUILTINS_LIBRARY_VERSION_MAJOR 1 >--#define NSS_BUILTINS_LIBRARY_VERSION_MINOR 94 >--#define NSS_BUILTINS_LIBRARY_VERSION "1.94" >-+#define NSS_BUILTINS_LIBRARY_VERSION_MINOR 95 >-+#define NSS_BUILTINS_LIBRARY_VERSION "1.95" >- >- /* These version numbers detail the semantic changes to the ckfw engine. */ >- #define NSS_BUILTINS_HARDWARE_VERSION_MAJOR 1 >- #define NSS_BUILTINS_HARDWARE_VERSION_MINOR 0 >- >- /* These version numbers detail the semantic changes to ckbi itself >- * (new PKCS #11 objects), etc. */ >- #define NSS_BUILTINS_FIRMWARE_VERSION_MAJOR 1 >-diff --git a/lib/ckfw/builtins/certdata.txt b/lib/ckfw/builtins/certdata.txt >---- a/lib/ckfw/builtins/certdata.txt >-+++ b/lib/ckfw/builtins/certdata.txt >-@@ -12371,16 +12371,44 @@ END >- CKA_SERIAL_NUMBER MULTILINE_OCTAL >- \002\005\071\021\105\020\224 >- END >- CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR >- CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR >- CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR >- CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE >- >-+# Distrust "Distrusted AC DG Tresor SSL" >-+# Issuer: CN=AC DGTPE Signature Authentification,O=DGTPE,C=FR >-+# Serial Number: 204199 (0x31da7) >-+# Subject: CN=AC DG Tr..sor SSL,O=DG Tr..sor,C=FR >-+# Not Valid Before: Thu Jul 18 10:05:28 2013 >-+# Not Valid After : Fri Jul 18 10:05:28 2014 >-+# Fingerprint (MD5): 3A:EA:9E:FC:00:0C:E2:06:6C:E0:AC:39:C1:31:DE:C8 >-+# Fingerprint (SHA1): 5C:E3:39:46:5F:41:A1:E4:23:14:9F:65:54:40:95:40:4D:E6:EB:E2 >-+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST >-+CKA_TOKEN CK_BBOOL CK_TRUE >-+CKA_PRIVATE CK_BBOOL CK_FALSE >-+CKA_MODIFIABLE CK_BBOOL CK_FALSE >-+CKA_LABEL UTF8 "Distrusted AC DG Tresor SSL" >-+CKA_ISSUER MULTILINE_OCTAL >-+\060\113\061\013\060\011\006\003\125\004\006\023\002\106\122\061 >-+\016\060\014\006\003\125\004\012\023\005\104\107\124\120\105\061 >-+\054\060\052\006\003\125\004\003\023\043\101\103\040\104\107\124 >-+\120\105\040\123\151\147\156\141\164\165\162\145\040\101\165\164 >-+\150\145\156\164\151\146\151\143\141\164\151\157\156 >-+END >-+CKA_SERIAL_NUMBER MULTILINE_OCTAL >-+\002\003\003\035\247 >-+END >-+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_NOT_TRUSTED >-+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_NOT_TRUSTED >-+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_NOT_TRUSTED >-+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE >-+ >- # >- # Certificate "Security Communication EV RootCA1" >- # >- CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE >- CKA_TOKEN CK_BBOOL CK_TRUE >- CKA_PRIVATE CK_BBOOL CK_FALSE >- CKA_MODIFIABLE CK_BBOOL CK_FALSE >- CKA_LABEL UTF8 "Security Communication EV RootCA1" >diff --git a/sources b/sources >index 978e9f3..1845bc5 100644 >--- a/sources >+++ b/sources >@@ -8,4 +8,4 @@ a5ae49867124ac75f029a9a33af31bad blank-cert8.db > f998b70c1be25e8bb9f5fdb5d50eb6f2 TestCA.ca.cert > 1b7b6808cd77d5df29bf5bb9e5fac967 TestUser50.cert > ab0b56dd505a995425c03e5266f7c8d6 TestUser51.cert >-2b7f607b709dc8319050f95e9ee28036 nss-3.15.3.tar.bz2 >+b459ca2d0536aca73aa5961a54683f65 nss-3.16.1.tar.bz2
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=910798">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 1110860
: 910798