- update to 3.17

* required for Firefox 33
  New functionality:
  * When using ECDHE, the TLS server code may be configured to generate
    a fresh ephemeral ECDH key for each handshake, by setting the
    SSL_REUSE_SERVER_ECDHE_KEY socket option to PR_FALSE. The
    SSL_REUSE_SERVER_ECDHE_KEY option defaults to PR_TRUE, which means
    the server's ephemeral ECDH key is reused for multiple handshakes.
    This option does not affect the TLS client code, which always
    generates a fresh ephemeral ECDH key for each handshake.
  New Macros
  * SSL_REUSE_SERVER_ECDHE_KEY
  Notable Changes:
  * The manual pages for the certutil and pp tools have been updated to
    document the new parameters that had been added in NSS 3.16.2.
  * On Windows, the new build variable USE_STATIC_RTL can be used to
    specify the static C runtime library should be used. By default the
    dynamic C runtime library is used.

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/mozilla-nss?expand=0&rev=164

mozilla-nss.changes

@@ -1,3 +1,25 @@
+-------------------------------------------------------------------
+Fri Aug 29 11:53:10 UTC 2014 - wr@rosenauer.org
+
+- update to 3.17
+  * required for Firefox 33
+  New functionality:
+  * When using ECDHE, the TLS server code may be configured to generate
+    a fresh ephemeral ECDH key for each handshake, by setting the
+    SSL_REUSE_SERVER_ECDHE_KEY socket option to PR_FALSE. The
+    SSL_REUSE_SERVER_ECDHE_KEY option defaults to PR_TRUE, which means
+    the server's ephemeral ECDH key is reused for multiple handshakes.
+    This option does not affect the TLS client code, which always
+    generates a fresh ephemeral ECDH key for each handshake.
+  New Macros
+  * SSL_REUSE_SERVER_ECDHE_KEY
+  Notable Changes:
+  * The manual pages for the certutil and pp tools have been updated to
+    document the new parameters that had been added in NSS 3.16.2.
+  * On Windows, the new build variable USE_STATIC_RTL can be used to
+    specify the static C runtime library should be used. By default the
+    dynamic C runtime library is used.
+
 -------------------------------------------------------------------
 Tue Aug 12 10:56:55 UTC 2014 - wr@rosenauer.org
 

mozilla-nss.spec

@@ -21,11 +21,11 @@
 
 Name:           mozilla-nss
 BuildRequires:  gcc-c++
-BuildRequires:  mozilla-nspr-devel >= 4.10.5
+BuildRequires:  mozilla-nspr-devel >= 4.10.7
 BuildRequires:  pkg-config
 BuildRequires:  sqlite-devel
 BuildRequires:  zlib-devel
-Version:        3.16.4
+Version:        3.17
 Release:        0
 # bug437293
 %ifarch ppc64
@@ -36,8 +36,8 @@ Summary:        Network Security Services
 License:        MPL-2.0
 Group:          System/Libraries
 Url:            http://www.mozilla.org/projects/security/pki/nss/
-Source:         https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_16_4_RTM/src/nss-%{version}.tar.gz
-# hg clone https://hg.mozilla.org/projects/nss nss-3.16/nss ; cd nss-3.16/nss ; hg up NSS_3_16_RTM
+Source:         https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_17_RTM/src/nss-%{version}.tar.gz
+# hg clone https://hg.mozilla.org/projects/nss nss-3.17/nss ; cd nss-3.17/nss ; hg up NSS_3_17_RTM
 #Source:         nss-%{version}.tar.gz
 Source1:        nss.pc.in
 Source3:        nss-config.in

nss-3.16.4.tar.gz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:adcd1e655fd9508e7f13847452fd5887a835eff882e3f0d3c42dfcd651650b77
-size 6428795

nss-3.17.tar.gz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:3b1abcd8f89211dda2cc739bfa76552d080f7ea80482ef2727b006548a7f0c81
+size 6429534