- update to NSS 3.51

* Updated DTLS 1.3 implementation to Draft-34. (bmo#1608892)
  * Correct swapped PKCS11 values of CKM_AES_CMAC and
    CKM_AES_CMAC_GENERAL (bmo#1611209)
  * Complete integration of Wycheproof ECDH test cases (bmo#1612259)
  * Check if PPC __has_include(<sys/auxv.h>) (bmo#1614183)
  * Fix a compilation error for ‘getFIPSEnv’ "defined but not used"
    (bmo#1614786)
  * Send DTLS version numbers in DTLS 1.3 supported_versions extension
    to avoid an incompatibility. (bmo#1615208)
  * SECU_ReadDERFromFile calls strstr on a string that isn't guaranteed
    to be null-terminated (bmo#1538980)
  * Correct a warning for comparison of integers of different signs:
    'int' and 'unsigned long' in security/nss/lib/freebl/ecl/ecp_25519.c:88
    (bmo#1561337)
  * Add test for mp_int clamping (bmo#1609751)
  * Don't attempt to read the fips_enabled flag on the machine unless
    NSS was built with FIPS enabled (bmo#1582169)
  * Fix a null pointer dereference in BLAKE2B_Update (bmo#1431940)
  * Fix compiler warning in secsign.c (bmo#1617387)
  * Fix a OpenBSD/arm64 compilation error: unused variable 'getauxval'
    (bmo#1618400)
  * Fix a crash on unaligned CMACContext.aes.keySchedule when using
    AES-NI intrinsics (bmo#1610687)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/mozilla-nss?expand=0&rev=311

mozilla-nss.changes

@@ -1,3 +1,31 @@
+-------------------------------------------------------------------
+Mon Mar 30 13:35:25 UTC 2020 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- update to NSS 3.51
+  * Updated DTLS 1.3 implementation to Draft-34. (bmo#1608892)
+  * Correct swapped PKCS11 values of CKM_AES_CMAC and
+    CKM_AES_CMAC_GENERAL (bmo#1611209)
+  * Complete integration of Wycheproof ECDH test cases (bmo#1612259)
+  * Check if PPC __has_include(<sys/auxv.h>) (bmo#1614183)
+  * Fix a compilation error for ‘getFIPSEnv’ "defined but not used"
+    (bmo#1614786)
+  * Send DTLS version numbers in DTLS 1.3 supported_versions extension
+    to avoid an incompatibility. (bmo#1615208)
+  * SECU_ReadDERFromFile calls strstr on a string that isn't guaranteed
+    to be null-terminated (bmo#1538980)
+  * Correct a warning for comparison of integers of different signs:
+    'int' and 'unsigned long' in security/nss/lib/freebl/ecl/ecp_25519.c:88
+    (bmo#1561337)
+  * Add test for mp_int clamping (bmo#1609751)
+  * Don't attempt to read the fips_enabled flag on the machine unless
+    NSS was built with FIPS enabled (bmo#1582169)
+  * Fix a null pointer dereference in BLAKE2B_Update (bmo#1431940)
+  * Fix compiler warning in secsign.c (bmo#1617387)
+  * Fix a OpenBSD/arm64 compilation error: unused variable 'getauxval'
+    (bmo#1618400)
+  * Fix a crash on unaligned CMACContext.aes.keySchedule when using
+    AES-NI intrinsics (bmo#1610687)
+
 -------------------------------------------------------------------
 Tue Mar  3 21:13:38 UTC 2020 - Wolfgang Rosenauer <wr@rosenauer.org>
 

mozilla-nss.spec

@@ -17,14 +17,14 @@
 #
 
 
-%global nss_softokn_fips_version 3.50
+%global nss_softokn_fips_version 3.51
 %define NSPR_min_version 4.25
 %define nspr_ver %(rpm -q --queryformat '%%{VERSION}' mozilla-nspr)
 %define nssdbdir %{_sysconfdir}/pki/nssdb
 Name:           mozilla-nss
-Version:        3.50
+Version:        3.51
 Release:        0
-%define underscore_version 3_50
+%define underscore_version 3_51
 Summary:        Network Security Services
 License:        MPL-2.0
 Group:          System/Libraries

nss-3.50.tar.gz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:185df319775243f5f5daa9d49b7f9cc5f2b389435be3247c3376579bee063ba7
-size 78041630

nss-3.51.tar.gz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:75348b3b3229362486c57a880db917da1f96ef4eb639dc9cc2ff17d72268459c
+size 78305125