863285 – Rebase nss-util to 3.14

RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Bug 863285 - Rebase nss-util to 3.14

Summary: Rebase nss-util to 3.14

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Enterprise Linux 6
Classification:	Red Hat
Component:	nss-util
Sub Component:
Version:	6.4
Hardware:	Unspecified
OS:	Unspecified
Priority:	high
Severity:	high
Target Milestone:	rc
Target Release:	---
Assignee:	Elio Maldonado Batiz
QA Contact:	Aleš Mareček
Docs Contact:
URL:
Whiteboard:
Duplicates (1):	833480 (view as bug list)
Depends On:	863286
Blocks:	816394 837089 1022310
TreeView+	depends on / blocked

Reported:	2012-10-05 00:14 UTC by Elio Maldonado Batiz
Modified:	2015-05-06 11:28 UTC (History)
CC List:	5 users (show)
Fixed In Version:	nss-util-3.14.0.0-2.el6
Doc Type:	Rebase: Bug Fixes and Enhancements
Doc Text:
Clone Of:
Environment:
Last Closed:	2013-02-21 10:43:59 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)
Changes to rebase to 3.14 - based on private branch work (4.22 KB, patch) 2012-10-08 23:42 UTC, Elio Maldonado Batiz	rrelyea: review+	Details \| Diff
View All

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHBA-2013:0445	0	normal	SHIPPED_LIVE	nss, nss-util, nspr bug fix and enhancement update	2013-02-20 21:07:50 UTC

Description Elio Maldonado Batiz 2012-10-05 00:14:02 UTC

Description of problem: This is needed in order to rebase nss to 3.14 which in turn is needed in order to add TLS 1.1 support to nss. The driver is a corresponding request for mod_nss for Apache 2.2 on rhel-6.4. 


Version-Release number of selected component (if applicable): RHEL-6.4


How reproducible:


Steps to Reproduce:
1.
2.
3.
  
Actual results:


Expected results:


Additional info:

Comment 1 Elio Maldonado Batiz 2012-10-08 23:42:50 UTC

Created attachment 623802 [details]
Changes to rebase to 3.14 - based on private branch work

Comment 2 Bob Relyea 2012-10-08 23:52:44 UTC

Comment on attachment 623802 [details]
Changes to rebase to 3.14 - based on private branch work

r+ for RHEL 6

Comment 5 Kai Engert (:kaie) (inactive account) 2012-10-12 15:15:07 UTC

Built nss-util-3.14.0.0-1.el6

Comment 7 Karel Srot 2012-10-15 13:02:31 UTC

Hi,
could you please summarize changes since last build and point out some items that deserve to be tested (except TLS1.1?

Comment 8 Bob Relyea 2012-10-16 19:50:12 UTC

The changes to util include:

* a buffer overflow function in DER_GetInteger and DER_GetUInteger has been fixed. (calling these functions on a DER integer greater then sizeof(int) on the given platform should not fail).

* upstream as turned off MD5 by default. We should verify that we did not turn off md5 by default here in RHEL 6.

* Several new ciphers were added, but are not enabled since we did not update softoken, so normal NSS regression testing is sufficient.

* Several functions have been moved out of softoken into nss-util. These functions aren't used in RHEL 6 (since we didn't update softoken), so normall regression testing is sufficient here.

I'll leave it to Elio to add or correct anything on Wednesday.

bob

Comment 9 Elio Maldonado Batiz 2012-10-18 18:06:59 UTC

The only thing to add is that we are rebasing to nss-3.14 from nss-3.13.5 having skipped nss-3.13.6. The bugs fixed on 3.13.6 are listed with this query:
https://bugzilla.mozilla.org/buglist.cgi?resolution=FIXED;classification=Components;query_format=advanced;product=NSS;target_milestone=3.13.6;list_id=4708561
I don't see anything striking there. For RHEL-5.9 we rebased nss to 3.13.6 so a review of that test suite is worthwhile to pick up any tests you may have added there.

Comment 10 Karel Srot 2012-10-29 16:42:16 UTC

*** Bug 833480 has been marked as a duplicate of this bug. ***

Comment 11 Elio Maldonado Batiz 2013-01-09 21:25:23 UTC

The nss-util-3.14.0.0-2.el6 build was to fix an inconsistency in the n-v-r tags in the sepc file, no code changes.

Comment 14 errata-xmlrpc 2013-02-21 10:43:59 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2013-0445.html

Note You need to log in before you can comment on or make changes to this bug.