Hide Forgot
Description of problem: We have updated nss to 3.13.1 and shipped it with nspr 4.8.9. This is too old for the 3.13 line. Due to an upstream miss-communication nss 13.3 was released with NSS_4_9_BETA4. This has been rectified and NSS_4_9_RTM is now released. Version-Release number of selected component (if applicable): How reproducible: Steps to Reproduce: 1. 2. 3. Actual results: Expected results: Additional info: This update is required in order to update nss to 3.13.3
The bug fixes in NSPR 4.8.9 can be found with this Bugzilla query: https://bugzilla.mozilla.org/buglist.cgi?list_id=1088474&resolution=FIXED&classification=Components&query_format=advanced&target_milestone=4.8.9&product=NSPR Besides adding a function to obtain version of NSPR at runtime, the chages are fixes intended for palforms other than Linux ones. Th fiies in NSPR 4.9 are https://bugzilla.mozilla.org/buglist.cgi?resolution=FIXED;classification=Components;query_format=advanced;target_milestone=4.9;product=NSPR;list_id=2533440 Of interest are: Add PR macro for maximum 64 bit value Add PR_INT64 and PR_UINT64 macros for portable 64-bit integer constants.
Created attachment 567671 [details] These are the changes I made while rebasing in the for of a patch Updated existing patches to account for code movements for they otherwise do the same as before. Hardly anything had to be done.
Created attachment 567759 [details] Changes actually applied in patch form
Comment on attachment 567759 [details] Changes actually applied in patch form This is a diff with a *very* old version of NSPR, not the latest. NOTE: the latest version in RHEL 6.3 is 4.8.9-3. This looks like it was merged with 4.8.9-2
Created attachment 567840 [details] Changes to rebase nspr to 4.9 since last build That previous build which I am comparing against is effectively the same, results-wise, as the one for rhel 6.2.z that was sent out.
(In reply to comment #7) > > That previous build which I am comparing against is effectively the same, > results-wise, as the one for rhel 6.2.z that was sent out. No, the latest version in RHEL 6.3 is 4.8.9-2 and it is RHEL6.2.z that has a 4.8.9-3 entry. 'rhpkg --branches nspr' brings them in separate directories so one can examine the both spec files and compare. Looking at the most recent entries in the %changelog for each: ---------------------------------------------------------------- For RHEL 6.3 we have %changelog * Thu Mar 01 2012 Elio Maldonado <emaldona> - 4.9-1 - Resolves: rhbz#799193 - Update to 4.9 * Wed Jan 18 2012 Elio Maldonado <emaldona> - 4.8.9-2 - Related: Bug 744069 - Avoid %%post/un shell invocations and dependencies. * Wed Jan 18 2012 elio maldonado <emaldona> - 4.8.9-1 - Resolves: Bug 744069 - Rebase nspr to 4.8.9 or higher * Fri Jul 22 2011 Elio Maldonado <emaldona> - 4.8.8-3 - Add partial RELRO support as a security enhancement... ----------------------------------------------------------------- and for RHEL-6.2 we have: %changelog * Mon Jan 30 2012 Elio Maldonado <emaldona> - 4.8.9-3 - Resolves: 784489,CVE-2011-3389 - Add partial RELRO support as a security enhancement * Sun Jan 29 2012 Elio Maldonado Batiz <emaldona> - 4.8.9-2 - Resolves: 784489,CVE-2011-3389 - Update to 3.13.1 - Run the nspr test suite in the %%check section * Wed Sep 07 2011 Elio Maldonado <emaldona> - 4.8.7-2 - Update to 4.8.8 --------------------------------------------------------------------- I downloaded the nspr-debuginfo rpms from each and extracted them with 'rpmdev-extract path-to-the-srpm' and saw identical sources. The spec files look different, but once all patches have been applied with 'rpkg prep' I end up with the same results.
Comment on attachment 567840 [details] Changes to rebase nspr to 4.9 since last build This is the nss patch, not nspr patch. I pulled both the z-stream .src.rpm and the current candidate 6.3 rpm and did a diff of the specs and the source. Other than the desired patch, the only other changes to the source were ifdefs for iOS and Android, so r+ for this build for 6.3 and z-stream from me.
*** Bug 798988 has been marked as a duplicate of this bug. ***
Technical note added. If any revisions are required, please edit the "Technical Notes" field accordingly. All revisions will be proofread by the Engineering Content Services team. New Contents: No Documentation Needed
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHSA-2012-0973.html