From a2949dce64bd3ee519925328a97f2e3be81fadf9e9c7a59c8b73e5add9354878 Mon Sep 17 00:00:00 2001 From: Wolfgang Rosenauer Date: Sat, 28 Sep 2013 08:13:46 +0000 Subject: [PATCH 1/4] Accepting request 201249 from home:elvigia:branches:mozilla:Factory -version 3.15.2 - Support for AES-GCM ciphersuites that use the SHA-256 PRF - MD2, MD4, and MD5 signatures are no longer accepted for OCSP or CRLs, - Add PK11_CipherFinal macro - sizeof() used incorrectly - nssutil_ReadSecmodDB() leaks memory - Allow SSL_HandshakeNegotiatedExtension to be called before the handshake is finished. - Deprecate the SSL cipher policy code - (CVE-2013-1739) Avoid uninitialized data read in the event of a decryption failure. OBS-URL: https://build.opensuse.org/request/show/201249 OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/mozilla-nss?expand=0&rev=133 --- mozilla-nss.changes | 16 ++++++++++++++++ mozilla-nss.spec | 2 +- nss-3.15.1.tar.gz | 3 --- nss-3.15.2.tar.gz | 3 +++ 4 files changed, 20 insertions(+), 4 deletions(-) delete mode 100644 nss-3.15.1.tar.gz create mode 100644 nss-3.15.2.tar.gz diff --git a/mozilla-nss.changes b/mozilla-nss.changes index b699ed6..47f571c 100644 --- a/mozilla-nss.changes +++ b/mozilla-nss.changes @@ -1,3 +1,19 @@ +------------------------------------------------------------------- +Sat Sep 28 04:20:41 UTC 2013 - crrodriguez@opensuse.org + +-version 3.15.2 +- Support for AES-GCM ciphersuites that use the SHA-256 PRF +- MD2, MD4, and MD5 signatures are no longer accepted for OCSP + or CRLs, +- Add PK11_CipherFinal macro +- sizeof() used incorrectly +- nssutil_ReadSecmodDB() leaks memory +- Allow SSL_HandshakeNegotiatedExtension to be called before + the handshake is finished. +- Deprecate the SSL cipher policy code +- (CVE-2013-1739) Avoid uninitialized data read in the + event of a decryption failure. + ------------------------------------------------------------------- Fri Jul 5 08:08:57 UTC 2013 - lnussel@suse.de diff --git a/mozilla-nss.spec b/mozilla-nss.spec index 35b34fc..98978c6 100644 --- a/mozilla-nss.spec +++ b/mozilla-nss.spec @@ -25,7 +25,7 @@ BuildRequires: mozilla-nspr-devel BuildRequires: pkg-config BuildRequires: sqlite-devel BuildRequires: zlib-devel -Version: 3.15.1 +Version: 3.15.2 Release: 0 # bug437293 %ifarch ppc64 diff --git a/nss-3.15.1.tar.gz b/nss-3.15.1.tar.gz deleted file mode 100644 index a04de36..0000000 --- a/nss-3.15.1.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:f994106a33d1f3210f4151bbb3419a1c28fd1cb545caa7dc9afdebd6da626284 -size 6286561 diff --git a/nss-3.15.2.tar.gz b/nss-3.15.2.tar.gz new file mode 100644 index 0000000..f802f5c --- /dev/null +++ b/nss-3.15.2.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:7b2c80d18c49581edbdb509cbf7afd61d8c53658f2a38ff20e224c1909faeddc +size 6288669 From 5163190a911c9db05d1fe40c83ff7e16af03f1017c1aefb5ac6de2d72ff7d109 Mon Sep 17 00:00:00 2001 From: Wolfgang Rosenauer Date: Sat, 28 Sep 2013 08:17:22 +0000 Subject: [PATCH 2/4] - version 3.15.2 * Support for AES-GCM ciphersuites that use the SHA-256 PRF * MD2, MD4, and MD5 signatures are no longer accepted for OCSP or CRLs * Add PK11_CipherFinal macro * sizeof() used incorrectly * nssutil_ReadSecmodDB() leaks memory * Allow SSL_HandshakeNegotiatedExtension to be called before the handshake is finished. * Deprecate the SSL cipher policy code * Avoid uninitialized data read in the event of a decryption failure. (CVE-2013-1739) OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/mozilla-nss?expand=0&rev=134 --- mozilla-nss.changes | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/mozilla-nss.changes b/mozilla-nss.changes index 47f571c..3d39f4a 100644 --- a/mozilla-nss.changes +++ b/mozilla-nss.changes @@ -1,18 +1,18 @@ ------------------------------------------------------------------- Sat Sep 28 04:20:41 UTC 2013 - crrodriguez@opensuse.org --version 3.15.2 -- Support for AES-GCM ciphersuites that use the SHA-256 PRF -- MD2, MD4, and MD5 signatures are no longer accepted for OCSP - or CRLs, -- Add PK11_CipherFinal macro -- sizeof() used incorrectly -- nssutil_ReadSecmodDB() leaks memory -- Allow SSL_HandshakeNegotiatedExtension to be called before - the handshake is finished. -- Deprecate the SSL cipher policy code -- (CVE-2013-1739) Avoid uninitialized data read in the - event of a decryption failure. +- version 3.15.2 + * Support for AES-GCM ciphersuites that use the SHA-256 PRF + * MD2, MD4, and MD5 signatures are no longer accepted for OCSP + or CRLs + * Add PK11_CipherFinal macro + * sizeof() used incorrectly + * nssutil_ReadSecmodDB() leaks memory + * Allow SSL_HandshakeNegotiatedExtension to be called before + the handshake is finished. + * Deprecate the SSL cipher policy code + * Avoid uninitialized data read in the event of a decryption + failure. (CVE-2013-1739) ------------------------------------------------------------------- Fri Jul 5 08:08:57 UTC 2013 - lnussel@suse.de From 5e4a477e3f6a0adc7464f0dbc41d34e1bc0c553c90818a9b38015a1f77340a51 Mon Sep 17 00:00:00 2001 From: Wolfgang Rosenauer Date: Sat, 28 Sep 2013 08:24:06 +0000 Subject: [PATCH 3/4] - update to 3.15.2 (bnc#842979) OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/mozilla-nss?expand=0&rev=135 --- mozilla-nss.changes | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mozilla-nss.changes b/mozilla-nss.changes index 3d39f4a..e1a6fc5 100644 --- a/mozilla-nss.changes +++ b/mozilla-nss.changes @@ -1,7 +1,7 @@ ------------------------------------------------------------------- Sat Sep 28 04:20:41 UTC 2013 - crrodriguez@opensuse.org -- version 3.15.2 +- update to 3.15.2 (bnc#842979) * Support for AES-GCM ciphersuites that use the SHA-256 PRF * MD2, MD4, and MD5 signatures are no longer accepted for OCSP or CRLs From dc0fe543b45d3203bcd14695a43c0277da5a6eab9d7b1bb06028e654e500f097 Mon Sep 17 00:00:00 2001 From: Wolfgang Rosenauer Date: Sat, 28 Sep 2013 08:34:54 +0000 Subject: [PATCH 4/4] OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/mozilla-nss?expand=0&rev=136 --- mozilla-nss.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mozilla-nss.spec b/mozilla-nss.spec index 98978c6..ca6d218 100644 --- a/mozilla-nss.spec +++ b/mozilla-nss.spec @@ -37,7 +37,7 @@ License: MPL-2.0 Group: System/Libraries Url: http://www.mozilla.org/projects/security/pki/nss/ # hg clone https://hg.mozilla.org/projects/nss; hg up NSS_3_15_1_RTM -Source: https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_15_1_RTM/src/nss-%{version}.tar.gz +Source: https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_15_2_RTM/src/nss-%{version}.tar.gz Source1: nss.pc.in Source3: nss-config.in Source4: %{name}-rpmlintrc