- update to 3.14 RTM
* Support for TLS 1.1 (RFC 4346) * Experimental support for DTLS 1.0 (RFC 4347) and DTLS-SRTP (RFC 5764) * Support for AES-CTR, AES-CTS, and AES-GCM * Support for Keying Material Exporters for TLS (RFC 5705) * Support for certificate signatures using the MD5 hash algorithm is now disabled by default * The NSS license has changed to MPL 2.0. Previous releases were released under a MPL 1.1/GPL 2.0/LGPL 2.1 tri-license. For more information about MPL 2.0, please see http://www.mozilla.org/MPL/2.0/FAQ.html. For an additional explanation on GPL/LGPL compatibility, see security/nss/COPYING in the source code. * Export and DES cipher suites are disabled by default. Non-ECC AES and Triple DES cipher suites are enabled by default - disabled OCSP testcases since they need external network (nss-disable-ocsp-test.patch) OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/mozilla-nss?expand=0&rev=105
This commit is contained in:
parent
579c8a7cf9
commit
eb3cdf4581
@ -1,3 +1,24 @@
|
||||
-------------------------------------------------------------------
|
||||
Thu Oct 25 12:02:22 UTC 2012 - wr@rosenauer.org
|
||||
|
||||
- update to 3.14 RTM
|
||||
* Support for TLS 1.1 (RFC 4346)
|
||||
* Experimental support for DTLS 1.0 (RFC 4347) and DTLS-SRTP (RFC 5764)
|
||||
* Support for AES-CTR, AES-CTS, and AES-GCM
|
||||
* Support for Keying Material Exporters for TLS (RFC 5705)
|
||||
* Support for certificate signatures using the MD5 hash algorithm
|
||||
is now disabled by default
|
||||
* The NSS license has changed to MPL 2.0. Previous releases were
|
||||
released under a MPL 1.1/GPL 2.0/LGPL 2.1 tri-license. For more
|
||||
information about MPL 2.0, please see
|
||||
http://www.mozilla.org/MPL/2.0/FAQ.html. For an additional
|
||||
explanation on GPL/LGPL compatibility, see security/nss/COPYING
|
||||
in the source code.
|
||||
* Export and DES cipher suites are disabled by default. Non-ECC
|
||||
AES and Triple DES cipher suites are enabled by default
|
||||
- disabled OCSP testcases since they need external network
|
||||
(nss-disable-ocsp-test.patch)
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Aug 15 13:57:42 UTC 2012 - wr@rosenauer.org
|
||||
|
||||
|
@ -25,7 +25,7 @@ BuildRequires: mozilla-nspr-devel
|
||||
BuildRequires: pkg-config
|
||||
BuildRequires: sqlite3-devel
|
||||
BuildRequires: zlib-devel
|
||||
Version: 3.13.6
|
||||
Version: 3.14
|
||||
Release: 0
|
||||
# bug437293
|
||||
%ifarch ppc64
|
||||
@ -33,7 +33,7 @@ Obsoletes: mozilla-nss-64bit
|
||||
%endif
|
||||
#
|
||||
Summary: Network Security Services
|
||||
License: MPL-1.1 or GPL-2.0+ or LGPL-2.1+
|
||||
License: MPL-2.0
|
||||
Group: System/Libraries
|
||||
Url: http://www.mozilla.org/projects/security/pki/nss/
|
||||
# cvs -d :pserver:anonymous@cvs-mirror.mozilla.org:/cvsroot co -r <RTM_TAG> NSS
|
||||
@ -53,6 +53,7 @@ Patch3: char.patch
|
||||
Patch4: nss-no-rpath.patch
|
||||
Patch5: renegotiate-transitional.patch
|
||||
Patch6: malloc.patch
|
||||
Patch7: nss-disable-ocsp-test.patch
|
||||
%define nspr_ver %(rpm -q --queryformat '%{VERSION}' mozilla-nspr)
|
||||
PreReq: mozilla-nspr >= %nspr_ver
|
||||
PreReq: libfreebl3 >= %{nss_softokn_fips_version}
|
||||
@ -166,6 +167,7 @@ cd mozilla
|
||||
%if %suse_version > 1110
|
||||
%patch6
|
||||
%endif
|
||||
%patch7
|
||||
# additional CA certificates
|
||||
#cd security/nss/lib/ckfw/builtins
|
||||
#cat %{SOURCE2} >> certdata.txt
|
||||
|
@ -1,3 +0,0 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:1737a01d1bf5bdeda5d03cdcc7b7e12559cbdfc11a8e52196b6452b643939c69
|
||||
size 4646121
|
3
nss-3.14.tar.bz2
Normal file
3
nss-3.14.tar.bz2
Normal file
@ -0,0 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:573fe07884f64fe4be3899c6fcd32134b3fcf6258cd8a206143e9a7dfb72a500
|
||||
size 4772462
|
16
nss-disable-ocsp-test.patch
Normal file
16
nss-disable-ocsp-test.patch
Normal file
@ -0,0 +1,16 @@
|
||||
Index: security/nss/tests/chains/scenarios/scenarios
|
||||
===================================================================
|
||||
RCS file: /cvsroot/mozilla/security/nss/tests/chains/scenarios/scenarios,v
|
||||
retrieving revision 1.9
|
||||
diff -u -p -6 -r1.9 scenarios
|
||||
--- security/nss/tests/chains/scenarios/scenarios 9 Nov 2009 14:18:58 -0000 1.9
|
||||
+++ security/nss/tests/chains/scenarios/scenarios 25 Oct 2012 13:40:00 -0000
|
||||
@@ -46,8 +46,7 @@ aia.cfg
|
||||
bridgewithaia.cfg
|
||||
bridgewithhalfaia.cfg
|
||||
bridgewithpolicyextensionandmapping.cfg
|
||||
realcerts.cfg
|
||||
dsa.cfg
|
||||
revoc.cfg
|
||||
-ocsp.cfg
|
||||
crldp.cfg
|
@ -1,13 +1,16 @@
|
||||
Index: security/nss/cmd/platlibs.mk
|
||||
===================================================================
|
||||
RCS file: /cvsroot/mozilla/security/nss/cmd/platlibs.mk,v
|
||||
retrieving revision 1.64
|
||||
diff -u -r1.64 platlibs.mk
|
||||
--- security/nss/cmd/platlibs.mk 17 Jun 2009 23:01:48 -0000 1.64
|
||||
+++ security/nss/cmd/platlibs.mk 31 Jul 2009 08:04:09 -0000
|
||||
@@ -53,9 +53,9 @@
|
||||
retrieving revision 1.71
|
||||
diff -u -p -6 -r1.71 platlibs.mk
|
||||
--- security/nss/cmd/platlibs.mk 17 Jul 2012 15:22:42 -0000 1.71
|
||||
+++ security/nss/cmd/platlibs.mk 25 Oct 2012 12:07:35 -0000
|
||||
@@ -15,15 +15,15 @@ else
|
||||
EXTRA_SHARED_LIBS += -R '$$ORIGIN/../lib:/usr/lib/mps/secv1:/usr/lib/mps'
|
||||
endif
|
||||
endif
|
||||
|
||||
ifeq ($(OS_ARCH), Linux)
|
||||
ifeq ($(BUILD_SUN_PKG), 1)
|
||||
ifeq ($(USE_64), 1)
|
||||
-EXTRA_SHARED_LIBS += -Wl,-rpath,'$$ORIGIN/../lib64:/opt/sun/private/lib64:$$ORIGIN/../lib'
|
||||
+#EXTRA_SHARED_LIBS += -Wl,-rpath,'$$ORIGIN/../lib64:/opt/sun/private/lib64:$$ORIGIN/../lib'
|
||||
@ -15,5 +18,8 @@ diff -u -r1.64 platlibs.mk
|
||||
-EXTRA_SHARED_LIBS += -Wl,-rpath,'$$ORIGIN/../lib:/opt/sun/private/lib'
|
||||
+#EXTRA_SHARED_LIBS += -Wl,-rpath,'$$ORIGIN/../lib:/opt/sun/private/lib'
|
||||
endif
|
||||
else
|
||||
ifeq ($(USE_64), 1)
|
||||
endif
|
||||
|
||||
endif # BUILD_SUN_PKG
|
||||
|
||||
ifdef NSS_DISABLE_DBM
|
||||
|
@ -1,11 +1,11 @@
|
||||
Index: security/nss/lib/ssl/sslsock.c
|
||||
===================================================================
|
||||
RCS file: /cvsroot/mozilla/security/nss/lib/ssl/sslsock.c,v
|
||||
retrieving revision 1.75
|
||||
diff -u -p -6 -r1.75 sslsock.c
|
||||
--- security/nss/lib/ssl/sslsock.c 22 Oct 2011 16:45:40 -0000 1.75
|
||||
+++ security/nss/lib/ssl/sslsock.c 24 Oct 2011 12:52:25 -0000
|
||||
@@ -178,13 +178,13 @@ static sslOptions ssl_defaults = {
|
||||
retrieving revision 1.96
|
||||
diff -u -p -6 -r1.96 sslsock.c
|
||||
--- security/nss/lib/ssl/sslsock.c 24 Sep 2012 23:57:42 -0000 1.96
|
||||
+++ security/nss/lib/ssl/sslsock.c 25 Oct 2012 12:08:56 -0000
|
||||
@@ -147,13 +147,13 @@ static sslOptions ssl_defaults = {
|
||||
PR_TRUE, /* detectRollBack */
|
||||
PR_FALSE, /* noStepDown */
|
||||
PR_FALSE, /* bypassPKCS11 */
|
||||
@ -13,10 +13,10 @@ diff -u -p -6 -r1.75 sslsock.c
|
||||
PR_FALSE, /* enableSessionTickets */
|
||||
PR_FALSE, /* enableDeflate */
|
||||
- 2, /* enableRenegotiation (default: requires extension) */
|
||||
+ 3, /* enableRenegotiation (default: transitional) */
|
||||
+ 3, /* enableRenegotiation (default: requires extension) */
|
||||
PR_FALSE, /* requireSafeNegotiation */
|
||||
PR_FALSE, /* enableFalseStart */
|
||||
PR_TRUE /* cbcRandomIV */
|
||||
};
|
||||
|
||||
sslSessionIDLookupFunc ssl_sid_lookup;
|
||||
/*
|
||||
|
Loading…
Reference in New Issue
Block a user