Bug 980266

Summary: Consolidate all patches into upstream source
Product: [Fedora] Fedora Reporter: Matthew Harmsen <mharmsen>
Component: mod_nssAssignee: Matthew Harmsen <mharmsen>
Status: CLOSED EOL QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 22CC: mharmsen, rcritten
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2016-07-19 10:15:32 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Matthew Harmsen 2013-07-01 22:55:08 UTC
It was noticed that not all information from all of the Fedora patches have been checked-in to the upstream source.

The upstream source should contain ALL patch changes, and a fresh 'mod-nss' should be re-based which contains no patches.

Comment 1 Fedora End Of Life 2013-09-16 14:21:36 UTC
This bug appears to have been reported against 'rawhide' during the Fedora 20 development cycle.
Changing version to '20'.

More information and reason for this action is here:
https://fedoraproject.org/wiki/BugZappers/HouseKeeping/Fedora20

Comment 2 Matthew Harmsen 2014-11-14 19:06:25 UTC
The source consolidation of the various patches appears to have been completed by rcritten during the month of February 2014:

commit d419d7cdbf7bf4a94f79b0618cb3bc9d2e12c3c7
Author: Rob Crittenden <rcritten>

    Become 1.0.9
    
    Add a DIST target to make it easier to tar things up.
    
    Rename the make target test to check

commit 07c27296c2c940cb119386304ebffb4ab41f0fb9
Author: Rob Crittenden <rcritten>
Date:   Wed Feb 26 16:37:51 2014 -0500

    Add some basic functional tests.
    
    This tests in an in-tree Apache instance using the local libmodnss.so
    shared library, so no pre-installation is necessary.
    
    The tests use python-nose and a hacked python-requests library. It is
    hacked so I can obtain the negotiated cipher and protocol as well as
    pass a few other things into it.
    
    Tests right now are limited to GET requests.
    
    A new user certificate for 'beta' was added to gencert to do pass/fail
    access control testing.
    
    The basic process of the tests are:
    
    - run setup.sh which sets up a new instance with createinstance.sh
      and does some variable substitution.
    - nosetests -v
    
    I picture multiple test "suites" of different configurations. Right now
    there is only one. A template file is provided for each suite.
    
    Tested only on Fedora 20 right now.

commit c2ac0d128e776f3edb8aeb8920bf41b99742e74c
Author: Rob Crittenden <rcritten>
Date:   Mon Feb 24 16:48:24 2014 -0500

    Finally added a .gitignore

commit b50b13b7d68d1e65c20adac48e8e6e53820b89d3
Author: Rob Crittenden <rcritten>
Date:   Fri Feb 21 13:56:03 2014 -0500

    Remove an unused variable

commit ed17d95907e6357fdf85a6de3b42322866a2860e
Author: Rob Crittenden <rcritten>
Date:   Fri Feb 21 13:23:58 2014 -0500

    Apache 2.4 compatibility changes

commit 3413bbdd3c7703eb559b1544d910485a02951584
Author: Rob Crittenden <rcritten>
Date:   Thu Feb 20 17:46:48 2014 -0500

    Rename configure.in to configure.ac

commit 9e9b886e67d1798c65abfbad6042f3fdcc0aed0f
Author: Rob Crittenden <rcritten>
Date:   Thu Feb 20 17:10:27 2014 -0500

    Remove a bunch of auto-generated files
    
    We don't need to include these in the source. The user should run
    autoreconf -i -f before building.

commit d80edebece935254185775dedfc71121412937bc
Author: Rob Crittenden <rcritten>
Date:   Fri Oct 11 18:21:31 2013 -0400

    Update Changelog and AUTHORS

commit ff7637163c2677d1bff87583574c2378736de4e1
Author: Rob Crittenden <rcritten>
Date:   Thu Feb 20 16:51:17 2014 -0500

    Fix incorrect handling of NSSVerifyClient in directory context
    
    CVE-2013-4566
    
    Resolves #1037722

commit 84672b92cbe66b618420510b90de332b7efc4e98
Author: Rob Crittenden <rcritten>
Date:   Thu Feb 20 16:47:49 2014 -0500

    Fix argument handling in nss_pcache

commit 04a38bc1491e7396d220efbbcbf7a9a1b67c45aa
Author: Rob Crittenden <rcritten>
Date:   Thu Feb 20 16:47:38 2014 -0500

    Move nss_pcache to /usr/libexec

commit 6ea9bd897f3cfc1526067b52868d31ee3da19cc1
Author: Rob Crittenden <rcritten>
Date:   Thu Feb 20 16:32:52 2014 -0500

    Work with mod_proxy when mod_ssl is also loaded.
    
    There is a single-set of hooks in mod_proxy so if mod_ssl was even
    loaded,even if not being used, it would grab those hooks and mod_nss
    would not work.
    
    Resolves #1021469

commit 8eff5df729dcad9c229e637b752b762a4ad5472a
Author: Rob Crittenden <rcritten>
Date:   Thu Feb 20 16:27:06 2014 -0500

    Document sample mod_nss use cases, including FIPS.
    
    Matthew Harmsen <mharmsen>
    
    Resolvds #1036940

commit e339e2f0d32ece5d0ad169d672294930805e88c9
Author: Rob Crittenden <rcritten>
Date:   Thu Feb 20 16:26:53 2014 -0500

    Install nss_pcache.8 man page

Comment 3 Matthew Harmsen 2014-11-14 19:09:07 UTC
Finally, after several additional bug fixes, mod_nss has been re-based to 1.0.10 for Fedora 21:

commit eff60f32a72eb96fa5e43bc30317eb713f8ba34c
Author: Rob Crittenden <rcritten>
Date:   Fri Oct 17 11:15:33 2014 -0400

    Become 1.0.10

Comment 4 Jaroslav Reznik 2015-03-03 17:09:42 UTC
This bug appears to have been reported against 'rawhide' during the Fedora 22 development cycle.
Changing version to '22'.

More information and reason for this action is here:
https://fedoraproject.org/wiki/Fedora_Program_Management/HouseKeeping/Fedora22

Comment 5 Fedora End Of Life 2016-07-19 10:15:32 UTC
Fedora 22 changed to end-of-life (EOL) status on 2016-07-19. Fedora 22 is
no longer maintained, which means that it will not receive any further
security or bug fix updates. As a result we are closing this bug.

If you can reproduce this bug against a currently maintained version of
Fedora please feel free to reopen this bug against that version. If you
are unable to reopen this bug, please file a new report against the
current release. If you experience problems, please add a comment to this
bug.

Thank you for reporting this bug and we are sorry it could not be fixed.