diff --git a/mozilla-nss.changes b/mozilla-nss.changes index c990435..17721c1 100644 --- a/mozilla-nss.changes +++ b/mozilla-nss.changes @@ -1,3 +1,30 @@ +------------------------------------------------------------------- +Tue Jan 7 12:47:09 UTC 2025 - Wolfgang Rosenauer + +- update to NSS 3.107 + * bmo#1923038 - Remove MPI fuzz targets. + * bmo#1925512 - Remove globals `lockStatus` and `locksEverDisabled`. + * bmo#1919015 - Enable PKCS8 fuzz target. + * bmo#1923037 - Integrate Cryptofuzz in CI. + * bmo#1913677 - Part 2: Set tls server target socket options in config class + * bmo#1913677 - Part 1: Set tls client target socket options in config class + * bmo#1913680 - Support building with thread sanitizer. + * bmo#1922392 - set nssckbi version number to 2.72. + * bmo#1919913 - remove Websites Trust Bit from Entrust Root + Certification Authority - G4. + * bmo#1920641 - remove Security Communication RootCA3 root cert. + * bmo#1918559 - remove SecureSign RootCA11 root cert. + * bmo#1922387 - Add distrust-after for TLS to Entrust Roots. + * bmo#1927096 - update expected error code in pk12util pbmac1 tests. + * bmo#1929041 - Use random tstclnt args with handshake collection script + * bmo#1920466 - Remove extraneous assert in ssl3gthr.c. + * bmo#1928402 - Adding missing release notes for NSS_3_105. + * bmo#1874451 - Enable the disabled mlkem tests for dtls. + * bmo#1874451 - NSS gtests filter cleans up the constucted buffer + before the use. + * bmo#1925505 - Make ssl_SetDefaultsFromEnvironment thread-safe. + * bmo#1925503 - Remove short circuit test from ssl_Init. + ------------------------------------------------------------------- Wed Dec 11 15:00:16 UTC 2024 - Adrian Schröter @@ -7,7 +34,7 @@ Wed Dec 11 15:00:16 UTC 2024 - Adrian Schröter Tue Nov 26 15:07:49 UTC 2024 - Martin Sirringhaus - Remove upstreamed bmo-1400603.patch -- Added nss-bmo1930797.patch to fix failing tests in testsuite +- Added nss-bmo1930797.patch to fix failing tests in testsuite ------------------------------------------------------------------- Thu Nov 21 14:11:56 UTC 2024 - Wolfgang Rosenauer diff --git a/mozilla-nss.spec b/mozilla-nss.spec index 889727a..4d1c198 100644 --- a/mozilla-nss.spec +++ b/mozilla-nss.spec @@ -1,8 +1,8 @@ # # spec file for package mozilla-nss # -# Copyright (c) 2024 SUSE LLC -# Copyright (c) 2006-2024 Wolfgang Rosenauer +# Copyright (c) 2025 SUSE LLC +# Copyright (c) 2006-2025 Wolfgang Rosenauer # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,15 +17,15 @@ # -%global nss_softokn_fips_version 3.106 +%global nss_softokn_fips_version 3.107 %define NSPR_min_version 4.36 %define nspr_ver %(rpm -q --queryformat '%%{VERSION}' mozilla-nspr) %define nssdbdir %{_sysconfdir}/pki/nssdb %global crypto_policies_version 20210218 Name: mozilla-nss -Version: 3.106 +Version: 3.107 Release: 0 -%define underscore_version 3_106 +%define underscore_version 3_107 Summary: Network Security Services License: MPL-2.0 Group: System/Libraries diff --git a/nss-3.106.tar.gz b/nss-3.106.tar.gz deleted file mode 100644 index 8091e55..0000000 --- a/nss-3.106.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:026b744e1e0784b890c3846ac9506472a92138c1f4d41dec581949574c585c38 -size 76621626 diff --git a/nss-3.107.tar.gz b/nss-3.107.tar.gz new file mode 100644 index 0000000..48d8bbf --- /dev/null +++ b/nss-3.107.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:7f7e96473e38150771a615f5d40e8c41ba3a19385301ae0c525091f2fc9d6729 +size 76617725 diff --git a/nss-bmo1930797.patch b/nss-bmo1930797.patch index e8f84c5..080a2e6 100644 --- a/nss-bmo1930797.patch +++ b/nss-bmo1930797.patch @@ -307,35 +307,3 @@ Index: nss/lib/util/nsshash.c case SEC_OID_SHA1: hmacOid = SEC_OID_HMAC_SHA1; break; -Index: nss/tests/tools/tools.sh -=================================================================== ---- nss.orig/tests/tools/tools.sh -+++ nss/tests/tools/tools.sh -@@ -541,21 +541,21 @@ tools_p12_import_pbmac1_samples() - html_msg $ret 0 "Importing private key pbmac1 hmac-sha-512 from PKCS#12 file" - check_tmpfile - -- echo "${BINDIR}/pk12util -l ${TOOLSDIR}/data/pbmac1-invalid-bad-iter.p12 -d ${P_R_COPYDIR} -k ${R_PWFILE} -W '1234'" -- ${BINDIR}/pk12util -l ${TOOLSDIR}/data/pbmac1-invalid-bad-iter.p12 -d ${P_R_COPYDIR} -k ${R_PWFILE} -W '1234' 2>&1 -+ echo "${BINDIR}/pk12util -l ${TOOLSDIR}/data/pbmac1-invalid-bad-iter.p12 -d ${P_R_COPYDIR} -k ${R_PWFILE} -W '1234' -I" -+ ${BINDIR}/pk12util -l ${TOOLSDIR}/data/pbmac1-invalid-bad-iter.p12 -d ${P_R_COPYDIR} -k ${R_PWFILE} -W '1234' -I 2>&1 - ret=$? - html_msg $ret 19 "Fail to list private key with bad iterator" - check_tmpfile - -- echo "${BINDIR}/pk12util -l ${TOOLSDIR}/data/pbmac1-invalid-bad-salt.p12 -d ${P_R_COPYDIR} -k ${R_PWFILE} -W '1234'" -- ${BINDIR}/pk12util -l ${TOOLSDIR}/data/pbmac1-invalid-bad-salt.p12 -d ${P_R_COPYDIR} -k ${R_PWFILE} -W '1234' 2>&1 -+ echo "${BINDIR}/pk12util -l ${TOOLSDIR}/data/pbmac1-invalid-bad-salt.p12 -d ${P_R_COPYDIR} -k ${R_PWFILE} -W '1234' -I" -+ ${BINDIR}/pk12util -l ${TOOLSDIR}/data/pbmac1-invalid-bad-salt.p12 -d ${P_R_COPYDIR} -k ${R_PWFILE} -W '1234' -I 2>&1 - ret=$? - echo "Fail to list private key with bad salt val=$ret" - html_msg $ret 19 "Fail to import private key with bad salt" - check_tmpfile - -- echo "${BINDIR}/pk12util -l ${TOOLSDIR}/data/pbmac1-invalid-no-length.p12 -d ${P_R_COPYDIR} -k ${R_PWFILE} -W '1234'" -- ${BINDIR}/pk12util -l ${TOOLSDIR}/data/pbmac1-invalid-no-length.p12 -d ${P_R_COPYDIR} -k ${R_PWFILE} -W '1234' 2>&1 -+ echo "${BINDIR}/pk12util -l ${TOOLSDIR}/data/pbmac1-invalid-no-length.p12 -d ${P_R_COPYDIR} -k ${R_PWFILE} -W '1234' -I" -+ ${BINDIR}/pk12util -l ${TOOLSDIR}/data/pbmac1-invalid-no-length.p12 -d ${P_R_COPYDIR} -k ${R_PWFILE} -W '1234' -I 2>&1 - ret=$? - echo "Fail to import private key with no length val=$ret" - html_msg $ret 19 "Fail to import private key with no length"