Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.
RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Bug 863285

Summary: Rebase nss-util to 3.14
Product: Red Hat Enterprise Linux 6 Reporter: Elio Maldonado Batiz <emaldona>
Component: nss-utilAssignee: Elio Maldonado Batiz <emaldona>
Status: CLOSED ERRATA QA Contact: Aleš Mareček <amarecek>
Severity: high Docs Contact:
Priority: high    
Version: 6.4CC: amarecek, hkario, kengert, ksrot, rrelyea
Target Milestone: rcKeywords: Rebase
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: nss-util-3.14.0.0-2.el6 Doc Type: Rebase: Bug Fixes and Enhancements
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2013-02-21 10:43:59 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 863286    
Bug Blocks: 816394, 837089, 1022310    
Attachments:
Description Flags
Changes to rebase to 3.14 - based on private branch work rrelyea: review+

Description Elio Maldonado Batiz 2012-10-05 00:14:02 UTC 
Description of problem: This is needed in order to rebase nss to 3.14 which in turn is needed in order to add TLS 1.1 support to nss. The driver is a corresponding request for mod_nss for Apache 2.2 on rhel-6.4. 


Version-Release number of selected component (if applicable): RHEL-6.4


How reproducible:


Steps to Reproduce:
1.
2.
3.
  
Actual results:


Expected results:


Additional info:
Comment 1 Elio Maldonado Batiz 2012-10-08 23:42:50 UTC 
Created attachment 623802 [details]
Changes to rebase to 3.14 - based on private branch work
Comment 2 Bob Relyea 2012-10-08 23:52:44 UTC 
Comment on attachment 623802 [details]
Changes to rebase to 3.14 - based on private branch work

r+ for RHEL 6
Comment 5 Kai Engert (:kaie) (inactive account) 2012-10-12 15:15:07 UTC 
Built nss-util-3.14.0.0-1.el6
Comment 7 Karel Srot 2012-10-15 13:02:31 UTC 
Hi,
could you please summarize changes since last build and point out some items that deserve to be tested (except TLS1.1?
Comment 8 Bob Relyea 2012-10-16 19:50:12 UTC 
The changes to util include:

* a buffer overflow function in DER_GetInteger and DER_GetUInteger has been fixed. (calling these functions on a DER integer greater then sizeof(int) on the given platform should not fail).

* upstream as turned off MD5 by default. We should verify that we did not turn off md5 by default here in RHEL 6.

* Several new ciphers were added, but are not enabled since we did not update softoken, so normal NSS regression testing is sufficient.

* Several functions have been moved out of softoken into nss-util. These functions aren't used in RHEL 6 (since we didn't update softoken), so normall regression testing is sufficient here.

I'll leave it to Elio to add or correct anything on Wednesday.

bob
Comment 9 Elio Maldonado Batiz 2012-10-18 18:06:59 UTC 
The only thing to add is that we are rebasing to nss-3.14 from nss-3.13.5 having skipped nss-3.13.6. The bugs fixed on 3.13.6 are listed with this query:
https://bugzilla.mozilla.org/buglist.cgi?resolution=FIXED;classification=Components;query_format=advanced;product=NSS;target_milestone=3.13.6;list_id=4708561
I don't see anything striking there. For RHEL-5.9 we rebased nss to 3.13.6 so a review of that test suite is worthwhile to pick up any tests you may have added there.
Comment 10 Karel Srot 2012-10-29 16:42:16 UTC 
*** Bug 833480 has been marked as a duplicate of this bug. ***
Comment 11 Elio Maldonado Batiz 2013-01-09 21:25:23 UTC 
The nss-util-3.14.0.0-2.el6 build was to fix an inconsistency in the n-v-r tags in the sepc file, no code changes.
Comment 14 errata-xmlrpc 2013-02-21 10:43:59 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2013-0445.html