From 715468ec8f228195ef92e2d2d7ecc2261b0af1f66451719f0ec0e60718307d11 Mon Sep 17 00:00:00 2001 From: Wolfgang Rosenauer Date: Tue, 7 Jan 2020 08:45:34 +0000 Subject: [PATCH] - update to NSS 3.48 https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.48_release_notes Notable Changes * TLS 1.3 is the default maximum TLS version (bmo#1573118) * TLS extended master secret is enabled by default, where possible (bmo#1575411) * The master password PBE now uses 10,000 iterations by default when using the default sql (key4.db) storage (bmo#1562671) Certificate Authority Changes * Added Entrust Root Certification Authority - G4 Cert (bmo#1591178) Bugfixes - requires NSPR 4.24 * CVE-2019-17006 Add length checks for cryptographic primitives (bmo#1539788) OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/mozilla-nss?expand=0&rev=301 --- mozilla-nss.changes | 18 ++++++++++++++++++ mozilla-nss.spec | 10 +++++----- nss-3.47.1.tar.gz | 3 --- nss-3.48.tar.gz | 3 +++ 4 files changed, 26 insertions(+), 8 deletions(-) delete mode 100644 nss-3.47.1.tar.gz create mode 100644 nss-3.48.tar.gz diff --git a/mozilla-nss.changes b/mozilla-nss.changes index c96a92f..f50ae4b 100644 --- a/mozilla-nss.changes +++ b/mozilla-nss.changes @@ -1,3 +1,19 @@ +------------------------------------------------------------------- +Tue Jan 7 08:24:50 UTC 2020 - Wolfgang Rosenauer + +- update to NSS 3.48 + https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.48_release_notes + Notable Changes + * TLS 1.3 is the default maximum TLS version (bmo#1573118) + * TLS extended master secret is enabled by default, where possible + (bmo#1575411) + * The master password PBE now uses 10,000 iterations by default when + using the default sql (key4.db) storage (bmo#1562671) + Certificate Authority Changes + * Added Entrust Root Certification Authority - G4 Cert (bmo#1591178) + Bugfixes +- requires NSPR 4.24 + ------------------------------------------------------------------- Sun Nov 24 07:33:57 UTC 2019 - Wolfgang Rosenauer @@ -40,6 +56,8 @@ Fri Oct 18 20:07:18 UTC 2019 - Wolfgang Rosenauer * Soft token MAC verification not constant time (bmo#1582343) * Remove arbitrary HKDF output limit by allocating space as needed (bmo#1577953) + * CVE-2019-17006 Add length checks for cryptographic primitives + (bmo#1539788) - requires NSPR 4.22 ------------------------------------------------------------------- diff --git a/mozilla-nss.spec b/mozilla-nss.spec index a9f0d22..603a796 100644 --- a/mozilla-nss.spec +++ b/mozilla-nss.spec @@ -1,7 +1,7 @@ # # spec file for package mozilla-nss # -# Copyright (c) 2019 SUSE LLC +# Copyright (c) 2020 SUSE LLC # Copyright (c) 2006-2019 Wolfgang Rosenauer # # All modifications and additions to the file contributed by third parties @@ -17,14 +17,14 @@ # -%global nss_softokn_fips_version 3.47 -%define NSPR_min_version 4.23 +%global nss_softokn_fips_version 3.48 +%define NSPR_min_version 4.24 %define nspr_ver %(rpm -q --queryformat '%%{VERSION}' mozilla-nspr) %define nssdbdir %{_sysconfdir}/pki/nssdb Name: mozilla-nss -Version: 3.47.1 +Version: 3.48 Release: 0 -%define underscore_version 3_47_1 +%define underscore_version 3_48 Summary: Network Security Services License: MPL-2.0 Group: System/Libraries diff --git a/nss-3.47.1.tar.gz b/nss-3.47.1.tar.gz deleted file mode 100644 index 15bc871..0000000 --- a/nss-3.47.1.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:1ae3d1cb1de345b258788f2ef6b10a460068034c3fd64f42427a183d8342a6fb -size 76462846 diff --git a/nss-3.48.tar.gz b/nss-3.48.tar.gz new file mode 100644 index 0000000..5638a6f --- /dev/null +++ b/nss-3.48.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:3f9c822a86a4e3e1bfe63e2ed0f922d8b7c2e0b7cafe36774b1c627970d0f8ac +size 76481237