- update to 3.16

* required for Firefox 29 * bmo#903885 - (CVE-2014-1492) In a wildcard certificate, the wildcard character should not be embedded within the U-label of an internationalized domain name. See the last bullet point in RFC 6125, Section 7.2. * Supports the Linux x32 ABI. To build for the Linux x32 target, set the environment variable USE_X32=1 when building NSS. New Functions: * NSS_CMSSignerInfo_Verify New Macros * TLS_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_3DES_EDE_CBC_SHA, etc., cipher suites that were first defined in SSL 3.0 can now be referred to with their official IANA names in TLS, with the TLS_ prefix. Previously, they had to be referred to with their names in SSL 3.0, with the SSL_ prefix. Notable Changes: * ECC is enabled by default. It is no longer necessary to set the environment variable NSS_ENABLE_ECC=1 when building NSS. To disable ECC, set the environment variable NSS_DISABLE_ECC=1 when building NSS. * libpkix should not include the common name of CA as DNS names when evaluating name constraints. * AESKeyWrap_Decrypt should not return SECSuccess for invalid keys. * Fix a memory corruption in sec_pkcs12_new_asafe. * If the NSS_SDB_USE_CACHE environment variable is set, skip the runtime test sdb_measureAccess. * The built-in roots module has been updated to version 1.97, which adds, removes, and distrusts several certificates. * The atob utility has been improved to automatically ignore lines of text that aren't in base64 format. OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/mozilla-nss?expand=0&rev=155
2014-03-21 21:54:13 +00:00 · 2014-03-21 21:54:13 +00:00 · b45e5b8ae6
commit b45e5b8ae6
parent ceb833b465
4 changed files with 42 additions and 5 deletions
--- a/mozilla-nss.changes
+++ b/mozilla-nss.changes
@ -1,3 +1,40 @@
+-------------------------------------------------------------------
+Fri Mar 21 21:16:31 UTC 2014 - wr@rosenauer.org
+
+- update to 3.16
+  * required for Firefox 29
+  * bmo#903885 - (CVE-2014-1492) In a wildcard certificate, the wildcard
+    character should not be embedded within the U-label of an
+    internationalized domain name. See the last bullet point in RFC 6125,
+    Section 7.2.
+  * Supports the Linux x32 ABI. To build for the Linux x32 target, set
+    the environment variable USE_X32=1 when building NSS.
+  New Functions:
+  * NSS_CMSSignerInfo_Verify
+  New Macros
+  * TLS_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_3DES_EDE_CBC_SHA, etc.,
+    cipher suites that were first defined in SSL 3.0 can now be referred
+    to with their official IANA names in TLS, with the TLS_ prefix.
+    Previously, they had to be referred to with their names in SSL 3.0,
+    with the SSL_ prefix.
+  Notable Changes:
+  * ECC is enabled by default. It is no longer necessary to set the
+    environment variable NSS_ENABLE_ECC=1 when building NSS. To disable
+    ECC, set the environment variable NSS_DISABLE_ECC=1 when building NSS.
+  * libpkix should not include the common name of CA as DNS names when
+    evaluating name constraints.
+  * AESKeyWrap_Decrypt should not return SECSuccess for invalid keys.
+  * Fix a memory corruption in sec_pkcs12_new_asafe.
+  * If the NSS_SDB_USE_CACHE environment variable is set, skip the runtime
+    test sdb_measureAccess.
+  * The built-in roots module has been updated to version 1.97, which
+    adds, removes, and distrusts several certificates.
+  * The atob utility has been improved to automatically ignore lines of
+    text that aren't in base64 format.
+  * The certutil utility has been improved to support creation of
+    version 1 and version 2 certificates, in addition to the existing
+    version 3 support.
+
 -------------------------------------------------------------------
 Tue Feb 25 11:31:18 UTC 2014 - wr@rosenauer.org

--- a/mozilla-nss.spec
+++ b/mozilla-nss.spec
@ -25,7 +25,7 @@ BuildRequires:  mozilla-nspr-devel >= 4.9
 BuildRequires:  pkg-config
 BuildRequires:  sqlite-devel
 BuildRequires:  zlib-devel
-Version:        3.15.5
+Version:        3.16
 Release:        0
 # bug437293
 %ifarch ppc64
@ -195,7 +195,7 @@ export USE_64=1
 %endif
 export NSS_USE_SYSTEM_SQLITE=1
 #export SQLITE_LIB_NAME=nsssqlite3
-MAKE_FLAGS="BUILD_OPT=1 NSS_ENABLE_ECC=1"
+MAKE_FLAGS="BUILD_OPT=1"
 make nss_build_all $MAKE_FLAGS
 # run testsuite
 %if 0%{?run_testsuite}
--- a/nss-3.15.5.tar.gz
+++ b/nss-3.15.5.tar.gz
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:1442c85624b7de74c7745132a65aa0de47d280c4f01f293d111bc0b6d8271f43
-size 6367893
--- a/nss-3.16.tar.gz
+++ b/nss-3.16.tar.gz
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:2bb4faa200962caacf0454f1e870e74aa9a543809e5c440f7978bcce58e0bfe8
+size 6378110