rpms/nss/devel nss-3_11_20060905.patch,NONE,1.1 nss.spec,1.15,1.16
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Wed Sep 6 21:16:49 UTC 2006
- Previous message (by thread): rpms/fedora-release-notes/devel fedora-release-notes.spec, 1.6, 1.7 sources, 1.6, 1.7
- Next message (by thread): rpms/eclipse/devel eclipse.spec, 1.316, 1.317 README, 1.1, NONE org.eclipse.platform.doc.isv-rm-org.eclipse.ui.workbench-Eclipse-UI-Components.patch, 1.1, NONE
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: kengert
Update of /cvs/dist/rpms/nss/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv29393
Modified Files:
nss.spec
Added Files:
nss-3_11_20060905.patch
Log Message:
* Wed Sep 06 2006 Kai Engert <kengert at redhat.com> - 3.11.2-3
- Update to snapshot NSS_3_11_20060905_TAG, which
includes fixes for an RSA signature verification flaw.
nss-3_11_20060905.patch:
coreconf/jdk.mk | 25
coreconf/rules.mk | 8
nss/cmd/lib/secutil.c | 19
nss/cmd/lib/secutil.h | 2
nss/cmd/pk11mode/Makefile | 93
nss/cmd/pk11mode/manifest.mn | 55
nss/cmd/pk11mode/pk11mode.c | 5192 +++++++++++++++++++++++++++++++++++++++++++
nss/cmd/ssltap/ssltap.c | 165 -
nss/lib/base/arena.c | 10
nss/lib/certdb/stanpcertdb.c | 33
nss/lib/certhigh/ocsp.c | 25
nss/lib/crmf/challcli.c | 51
nss/lib/crmf/crmfpop.c | 4
nss/lib/cryptohi/secvfy.c | 11
nss/lib/freebl/Makefile | 32
nss/lib/freebl/config.mk | 4
nss/lib/freebl/mpi/mpmontg.c | 146 -
nss/lib/freebl/unix_rand.c | 134 +
nss/lib/nss/nss.h | 10
nss/lib/pk11wrap/pk11cert.c | 29
nss/lib/pki/certificate.c | 39
nss/lib/pki/cryptocontext.c | 28
nss/lib/pki/nsspki.h | 23
nss/lib/pki/pki3hack.c | 107
nss/lib/pki/pkibase.c | 128 -
nss/lib/pki/pkim.h | 11
nss/lib/pki/pkistore.c | 71
nss/lib/pki/pkistore.h | 11
nss/lib/pki/pkit.h | 13
nss/lib/pki/tdcache.c | 6
nss/lib/pki/trustdomain.c | 4
nss/lib/smime/cmsrecinfo.c | 34
nss/lib/smime/cmsreclist.c | 26
nss/lib/smime/smimeutil.c | 4
nss/lib/softoken/fipstest.c | 195 +
nss/lib/softoken/fipstokn.c | 58
nss/lib/softoken/keydb.c | 84
nss/lib/softoken/lowpbe.c | 2
nss/lib/softoken/pkcs11.c | 42
nss/lib/softoken/pkcs11c.c | 54
nss/lib/softoken/pkcs11i.h | 2
nss/lib/softoken/rsawrapr.c | 47
nss/lib/softoken/softoken.h | 7
nss/lib/ssl/derive.c | 16
nss/lib/ssl/ssl3con.c | 71
nss/lib/ssl/ssl3ecc.c | 6
nss/lib/ssl/sslcon.c | 8
nss/lib/ssl/sslimpl.h | 4
nss/lib/ssl/sslsnce.c | 11
nss/lib/util/secasn1d.c | 6
nss/lib/util/secdig.c | 19
nss/lib/util/secport.c | 65
nss/lib/util/secport.h | 3
nss/tests/cert/cert.sh | 72
nss/tests/ssl/ssl.sh | 44
nss/tests/ssl/sslcov.txt | 20
nss/tests/ssl/sslstress.txt | 2
57 files changed, 6718 insertions(+), 673 deletions(-)
--- NEW FILE nss-3_11_20060905.patch ---
Index: mozilla/security/coreconf/jdk.mk
diff -u mozilla/security/coreconf/jdk.mk:1.18 mozilla/security/coreconf/jdk.mk:1.18.2.1
--- mozilla/security/coreconf/jdk.mk:1.18 Thu Nov 3 00:11:59 2005
+++ mozilla/security/coreconf/jdk.mk Mon Aug 14 17:20:41 2006
@@ -184,6 +184,31 @@
JDK_JIT_OPT =
endif
+# set [Mac OS X] platforms
+ifeq ($(OS_ARCH), Darwin)
+ JAVA_CLASSES = $(JAVA_HOME)/../Classes/classes.jar
+
+ ifeq ($(JRE_HOME),)
+ JRE_HOME = $(JAVA_HOME)
+ JRE_CLASSES = $(JAVA_CLASSES)
+ else
+ ifeq ($(JRE_CLASSES),)
+ JRE_CLASSES = $(JRE_HOME)/../Classes/classes.jar
+ endif
+ endif
+
+ PATH_SEPARATOR = :
+
+ # (2) specify "header" information
+ JAVA_ARCH = darwin
+
+ INCLUDES += -I$(JAVA_HOME)/include
+ INCLUDES += -I$(JAVA_HOME)/include/$(JAVA_ARCH)
+
+ # no JIT option available on this platform
+ JDK_JIT_OPT =
+endif
+
# set [IBM AIX] platforms
ifeq ($(OS_ARCH), AIX)
JAVA_CLASSES = $(JAVA_HOME)/jre/lib/rt.jar
Index: mozilla/security/coreconf/rules.mk
diff -u mozilla/security/coreconf/rules.mk:1.66.2.1 mozilla/security/coreconf/rules.mk:1.66.2.2
--- mozilla/security/coreconf/rules.mk:1.66.2.1 Wed Apr 12 21:01:57 2006
+++ mozilla/security/coreconf/rules.mk Tue Aug 15 21:41:41 2006
@@ -873,8 +873,7 @@
ifneq (,$(filter-out OpenVMS OS2 WIN%,$(OS_TARGET)))
# Can't use sed because of its 4000-char line length limit, so resort to perl
-.DEFAULT:
- @perl -e ' \
+PERL_DEPENDENCIES_PROGRAM = \
open(MD, "< $(DEPENDENCIES)"); \
while (<MD>) { \
if (m@ \.*/*$< @) { \
@@ -901,7 +900,10 @@
} elsif ("$<" ne "$(DEPENDENCIES)") { \
print "$(MAKE): *** No rule to make target $<. Stop.\n"; \
exit(1); \
- }'
+ }
+
+.DEFAULT:
+ @perl -e '$(PERL_DEPENDENCIES_PROGRAM)'
endif
#############################################################################
Index: mozilla/security/nss/cmd/lib/secutil.c
diff -u mozilla/security/nss/cmd/lib/secutil.c:1.71.2.2 mozilla/security/nss/cmd/lib/secutil.c:1.71.2.3
--- mozilla/security/nss/cmd/lib/secutil.c:1.71.2.2 Mon Apr 24 04:41:55 2006
+++ mozilla/security/nss/cmd/lib/secutil.c Wed Jul 19 00:25:03 2006
@@ -3012,25 +3012,6 @@
}
-
-SECItem *
-SECU_GetPBEPassword(void *arg)
-{
- char *p = NULL;
- SECItem *pwitem = NULL;
-
- p = SECU_GetPasswordString(arg,"Password: ");
-
- /* NOTE: This function is obviously unfinished. */
-
- if ( pwitem == NULL ) {
- fprintf(stderr, "Error hashing password\n");
- return NULL;
- }
-
- return pwitem;
-}
-
SECStatus
SECU_ParseCommandLine(int argc, char **argv, char *progName, secuCommand *cmd)
{
Index: mozilla/security/nss/cmd/lib/secutil.h
diff -u mozilla/security/nss/cmd/lib/secutil.h:1.18 mozilla/security/nss/cmd/lib/secutil.h:1.18.24.1
--- mozilla/security/nss/cmd/lib/secutil.h:1.18 Tue Apr 12 02:24:15 2005
+++ mozilla/security/nss/cmd/lib/secutil.h Wed Jul 19 00:25:03 2006
@@ -289,8 +289,6 @@
extern SECKEYLowPublicKey *SECU_ConvHighToLow(SECKEYPublicKey *pubHighKey);
#endif
-extern SECItem *SECU_GetPBEPassword(void *arg);
-
extern char *SECU_GetModulePassword(PK11SlotInfo *slot, PRBool retry, void *arg);
extern SECStatus DER_PrettyPrint(FILE *out, SECItem *it, PRBool raw);
Index: mozilla/security/nss/cmd/pk11mode/Makefile
diff -u /dev/null mozilla/security/nss/cmd/pk11mode/Makefile:1.1.2.2
--- /dev/null Wed Sep 6 01:06:12 2006
+++ mozilla/security/nss/cmd/pk11mode/Makefile Fri Sep 1 22:09:04 2006
@@ -0,0 +1,93 @@
+# ***** BEGIN LICENSE BLOCK *****
+# Version: MPL 1.1/GPL 2.0/LGPL 2.1
+#
+# The contents of this file are subject to the Mozilla Public License Version
+# 1.1 (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+# http://www.mozilla.org/MPL/
+#
+# Software distributed under the License is distributed on an "AS IS" basis,
+# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+# for the specific language governing rights and limitations under the
+# License.
+#
+# The Original Code is the Netscape security libraries.
+#
+# The Initial Developer of the Original Code is
+# Netscape Communications Corporation.
+# Portions created by the Initial Developer are Copyright (C) 1994-2000
+# the Initial Developer. All Rights Reserved.
+#
+# Contributor(s):
+#
+# Alternatively, the contents of this file may be used under the terms of
+# either the GNU General Public License Version 2 or later (the "GPL"), or
+# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+# in which case the provisions of the GPL or the LGPL are applicable instead
+# of those above. If you wish to allow use of your version of this file only
+# under the terms of either the GPL or the LGPL, and not to allow others to
+# use your version of this file under the terms of the MPL, indicate your
+# decision by deleting the provisions above and replace them with the notice
+# and other provisions required by the GPL or the LGPL. If you do not delete
+# the provisions above, a recipient may use your version of this file under
+# the terms of any one of the MPL, the GPL or the LGPL.
+#
+# ***** END LICENSE BLOCK *****
+
+#######################################################################
+# (1) Include initial platform-independent assignments (MANDATORY). #
+#######################################################################
+
+include manifest.mn
+
+#######################################################################
+# (2) Include "global" configuration information. (OPTIONAL) #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/config.mk
+
+#######################################################################
+# (3) Include "component" configuration information. (OPTIONAL) #
+#######################################################################
+
+
+
+#######################################################################
+# (4) Include "local" platform-dependent assignments (OPTIONAL). #
+#######################################################################
+
+ifeq ($(OS_ARCH), WINNT)
+
+EXTRA_LIBS += \
+ $(NSPR_LIB_DIR)/$(NSPR31_LIB_PREFIX)plc4.$(LIB_SUFFIX) \
+ $(NSPR_LIB_DIR)/$(NSPR31_LIB_PREFIX)plds4.$(LIB_SUFFIX) \
+ $(NSPR_LIB_DIR)/$(NSPR31_LIB_PREFIX)nspr4.$(LIB_SUFFIX) \
+ $(NULL)
+
+else
+
+EXTRA_SHARED_LIBS += \
+ -L$(NSPR_LIB_DIR) \
+ -lplc4 \
+ -lplds4 \
+ -lnspr4 \
+ $(NULL)
+
+endif
+
+#######################################################################
+# (5) Execute "global" rules. (OPTIONAL) #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/rules.mk
+
+#######################################################################
+# (6) Execute "component" rules. (OPTIONAL) #
+#######################################################################
+
+
+
[...9206 lines suppressed...]
+ -i req -o "${CERTNAME}-ecmixed.cert" -f "${R_PWFILE}" "$1" 2>&1
+ if [ "$RET" -ne 0 ]; then
+ return $RET
+ fi
+
+ CU_ACTION="Import $CERTNAME's mixed EC Cert"
+ certu -A -n "${CERTNAME}-ecmixed" -t "u,u,u" -d "${PROFILEDIR}" \
+ -f "${R_PWFILE}" -i "${CERTNAME}-ecmixed.cert" 2>&1
+ if [ "$RET" -ne 0 ]; then
+ return $RET
+ fi
+ cert_log "SUCCESS: $CERTNAME's mixed EC Cert Created"
fi
return 0
@@ -695,6 +723,27 @@
#
# done with EC certs
#
+# Repeat again for mixed EC certs
+#
+ EC_CURVE="secp256r1"
+ CU_ACTION="Generate mixed EC Cert Request for $CERTNAME (ext)"
+ CU_SUBJECT="CN=$CERTNAME, E=${CERTNAME}-ecmixed at bogus.com, O=BOGUS NSS, L=Mountain View, ST=California, C=US"
+ certu -R -d "${PROFILEDIR}" -k ec -q "${EC_CURVE}" -f "${R_PWFILE}" \
+ -z "${R_NOISE_FILE}" -o req 2>&1
+
+ CU_ACTION="Sign ${CERTNAME}'s mixed EC Request (ext)"
+ cp ${CERTDIR}/req ${SERVER_CADIR}
+ certu -C -c "chain-2-serverCA" -m 201 -v 60 -d "${P_SERVER_CADIR}" \
+ -i req -o "${CERTNAME}-ecmixed.cert" -f "${R_PWFILE}" 2>&1
+
+ CU_ACTION="Import $CERTNAME's mixed EC Cert -t u,u,u (ext)"
+ certu -A -n "${CERTNAME}-ecmixed" -t "u,u,u" -d "${PROFILEDIR}" \
+ -f "${R_PWFILE}" -i "${CERTNAME}-ecmixed.cert" 2>&1
+
+# CU_ACTION="Import Client mixed EC Root CA -t T,, for $CERTNAME (ext.)"
+# certu -A -n "clientCA-ecmixed" -t "T,," -f "${R_PWFILE}" \
+# -d "${PROFILEDIR}" -i "${CLIENT_CADIR}/clientCA-ecmixed.ca.cert" \
+# 2>&1
fi
echo "Importing all the server's own CA chain into the servers DB"
@@ -758,6 +807,29 @@
#
# done with EC certs
#
+#
+# Repeat the above for mixed EC certs
+#
+ CU_ACTION="Generate mixed EC Cert Request for $CERTNAME (ext)"
+ CU_SUBJECT="CN=$CERTNAME, E=${CERTNAME}-ecmixed at bogus.com, O=BOGUS NSS, L=Mountain View, ST=California, C=US"
+ certu -R -d "${PROFILEDIR}" -k ec -q "${EC_CURVE}" -f "${R_PWFILE}" \
+ -z "${R_NOISE_FILE}" -o req 2>&1
+
+ CU_ACTION="Sign ${CERTNAME}'s mixed EC Request (ext)"
+ cp ${CERTDIR}/req ${CLIENT_CADIR}
+ certu -C -c "chain-2-clientCA" -m 301 -v 60 -d "${P_CLIENT_CADIR}" \
+ -i req -o "${CERTNAME}-ecmixed.cert" -f "${R_PWFILE}" 2>&1
+
+ CU_ACTION="Import $CERTNAME's mixed EC Cert -t u,u,u (ext)"
+ certu -A -n "${CERTNAME}-ecmixed" -t "u,u,u" -d "${PROFILEDIR}" \
+ -f "${R_PWFILE}" -i "${CERTNAME}-ecmixed.cert" 2>&1
+
+# CU_ACTION="Import Server EC Root CA -t C,C,C for $CERTNAME (ext.)"
+# certu -A -n "serverCA-ec" -t "C,C,C" -f "${R_PWFILE}" \
+# -d "${PROFILEDIR}" -i "${SERVER_CADIR}/serverCA-ec.ca.cert" 2>&1
+#
+# done with mixed EC certs
+#
fi
echo "Importing all the client's own CA chain into the servers DB"
Index: mozilla/security/nss/tests/ssl/ssl.sh
diff -u mozilla/security/nss/tests/ssl/ssl.sh:1.61.2.4 mozilla/security/nss/tests/ssl/ssl.sh:1.61.2.5
--- mozilla/security/nss/tests/ssl/ssl.sh:1.61.2.4 Wed Mar 29 20:46:19 2006
+++ mozilla/security/nss/tests/ssl/ssl.sh Thu Aug 24 17:56:37 2006
@@ -205,6 +205,9 @@
else
ECC_OPTIONS=""
fi
+ if [ "$1" = "mixed" ]; then
+ ECC_OPTIONS="-e ${HOSTADDR}-ecmixed"
+ fi
echo "selfserv -D -p ${PORT} -d ${P_R_SERVERDIR} -n ${HOSTADDR} ${SERVER_OPTIONS} \\"
echo " ${ECC_OPTIONS} -w nss ${sparam} -i ${R_SERVERPID} $verbose &"
echo "selfserv started at `date`"
@@ -245,6 +248,8 @@
else
sparam="$CSHORT"
fi
+
+ mixed=0
start_selfserv # Launch the server
p=""
@@ -264,7 +269,34 @@
TLS_FLAG=""
fi
- is_selfserv_alive
+# These five tests need an EC cert signed with RSA
+# This requires a different certificate loaded in selfserv
+# due to a (current) NSS limitation of only loaded one cert
+# per type so the default selfserv setup will not work.
+#:C00B TLS ECDH RSA WITH NULL SHA
+#:C00C TLS ECDH RSA WITH RC4 128 SHA
+#:C00D TLS ECDH RSA WITH 3DES EDE CBC SHA
+#:C00E TLS ECDH RSA WITH AES 128 CBC SHA
+#:C00F TLS ECDH RSA WITH AES 256 CBC SHA
+
+ if [ $mixed -eq 0 ]; then
+ if [ "${param}" = ":C00B" -o "${param}" = ":C00C" -o "${param}" = ":C00D" -o "${param}" = ":C00E" -o "${param}" = ":C00F" ]; then
+ kill_selfserv
+ start_selfserv mixed
+ mixed=1
+ else
+ is_selfserv_alive
+ fi
+ else
+ if [ "${param}" = ":C00B" -o "${param}" = ":C00C" -o "${param}" = ":C00D" -o "${param}" = ":C00E" -o "${param}" = ":C00F" ]; then
+ is_selfserv_alive
+ else
+ kill_selfserv
+ start_selfserv
+ mixed=0
+ fi
+ fi
+
echo "tstclnt -p ${PORT} -h ${HOSTADDR} -c ${param} ${TLS_FLAG} ${CLIENT_OPTIONS} \\"
echo " -f -d ${P_R_CLIENTDIR} < ${REQUEST_FILE}"
@@ -335,7 +367,15 @@
echo "$SCRIPTNAME: skipping $testname (ECC only)"
elif [ "$ectype" != "#" ]; then
cparam=`echo $cparam | sed -e 's;_; ;g'`
- start_selfserv
+
+# This test needs the mixed cert
+# Stress TLS ECDH-RSA AES 128 CBC with SHA (no reuse)
+ if [ "${sparam}" = "-c_:C00E" ]; then
+ start_selfserv mixed
+ else
+ start_selfserv
+ fi
+
if [ "`uname -n`" = "sjsu" ] ; then
echo "debugging disapering selfserv... ps -ef | grep selfserv"
ps -ef | grep selfserv
Index: mozilla/security/nss/tests/ssl/sslcov.txt
diff -u mozilla/security/nss/tests/ssl/sslcov.txt:1.5.144.2 mozilla/security/nss/tests/ssl/sslcov.txt:1.5.144.3
--- mozilla/security/nss/tests/ssl/sslcov.txt:1.5.144.2 Thu Apr 13 09:53:29 2006
+++ mozilla/security/nss/tests/ssl/sslcov.txt Thu Aug 24 17:56:37 2006
@@ -59,11 +59,11 @@
ECC noTLS :C008 SSL3 ECDHE ECDSA WITH 3DES EDE CBC SHA
ECC noTLS :C009 SSL3 ECDHE ECDSA WITH AES 128 CBC SHA
ECC noTLS :C00A SSL3 ECDHE ECDSA WITH AES 256 CBC SHA
-# ECC noTLS :C00B SSL3 ECDH RSA WITH NULL SHA
-# ECC noTLS :C00C SSL3 ECDH RSA WITH RC4 128 SHA
-# ECC noTLS :C00D SSL3 ECDH RSA WITH 3DES EDE CBC SHA
-# ECC noTLS :C00E SSL3 ECDH RSA WITH AES 128 CBC SHA
-# ECC noTLS :C00F SSL3 ECDH RSA WITH AES 256 CBC SHA
+ ECC noTLS :C00B SSL3 ECDH RSA WITH NULL SHA
+ ECC noTLS :C00C SSL3 ECDH RSA WITH RC4 128 SHA
+ ECC noTLS :C00D SSL3 ECDH RSA WITH 3DES EDE CBC SHA
+ ECC noTLS :C00E SSL3 ECDH RSA WITH AES 128 CBC SHA
+ ECC noTLS :C00F SSL3 ECDH RSA WITH AES 256 CBC SHA
ECC noTLS :C010 SSL3 ECDHE RSA WITH NULL SHA
ECC noTLS :C011 SSL3 ECDHE RSA WITH RC4 128 SHA
ECC noTLS :C012 SSL3 ECDHE RSA WITH 3DES EDE CBC SHA
@@ -82,11 +82,11 @@
ECC TLS :C008 TLS ECDHE ECDSA WITH 3DES EDE CBC SHA
ECC TLS :C009 TLS ECDHE ECDSA WITH AES 128 CBC SHA
ECC TLS :C00A TLS ECDHE ECDSA WITH AES 256 CBC SHA
-# ECC TLS :C00B TLS ECDH RSA WITH NULL SHA
-# ECC TLS :C00C TLS ECDH RSA WITH RC4 128 SHA
-# ECC TLS :C00D TLS ECDH RSA WITH 3DES EDE CBC SHA
-# ECC TLS :C00E TLS ECDH RSA WITH AES 128 CBC SHA
-# ECC TLS :C00F TLS ECDH RSA WITH AES 256 CBC SHA
+ ECC TLS :C00B TLS ECDH RSA WITH NULL SHA
+ ECC TLS :C00C TLS ECDH RSA WITH RC4 128 SHA
+ ECC TLS :C00D TLS ECDH RSA WITH 3DES EDE CBC SHA
+ ECC TLS :C00E TLS ECDH RSA WITH AES 128 CBC SHA
+ ECC TLS :C00F TLS ECDH RSA WITH AES 256 CBC SHA
ECC TLS :C010 TLS ECDHE RSA WITH NULL SHA
ECC TLS :C011 TLS ECDHE RSA WITH RC4 128 SHA
ECC TLS :C012 TLS ECDHE RSA WITH 3DES EDE CBC SHA
Index: mozilla/security/nss/tests/ssl/sslstress.txt
diff -u mozilla/security/nss/tests/ssl/sslstress.txt:1.5.80.4 mozilla/security/nss/tests/ssl/sslstress.txt:1.5.80.5
--- mozilla/security/nss/tests/ssl/sslstress.txt:1.5.80.4 Mon Apr 24 05:01:57 2006
+++ mozilla/security/nss/tests/ssl/sslstress.txt Thu Aug 24 17:56:37 2006
@@ -18,7 +18,7 @@
ECC 0 -c_:C009 -c_100_-C_:C009_-N_-T Stress SSL3 ECDHE-ECDSA AES 128 CBC with SHA (no reuse)
ECC 0 -c_:C013 -c_1000_-C_:C013_-T Stress SSL3 ECDHE-RSA AES 128 CBC with SHA
ECC 0 -c_:C004 -2_-c_100_-C_:C004_-N Stress TLS ECDH-ECDSA AES 128 CBC with SHA (no reuse)
-# ECC 0 -c_:C00E -2_-c_100_-C_:C00E_-N Stress TLS ECDH-RSA AES 128 CBC with SHA (no reuse)
+ ECC 0 -c_:C00E -2_-c_100_-C_:C00E_-N Stress TLS ECDH-RSA AES 128 CBC with SHA (no reuse)
ECC 0 -c_:C013 -2_-c_1000_-C_:C013 Stress TLS ECDHE-RSA AES 128 CBC with SHA
#
# add client auth versions here...
Index: nss.spec
===================================================================
RCS file: /cvs/dist/rpms/nss/devel/nss.spec,v
retrieving revision 1.15
retrieving revision 1.16
diff -u -r1.15 -r1.16
--- nss.spec 4 Aug 2006 16:51:01 -0000 1.15
+++ nss.spec 6 Sep 2006 21:16:47 -0000 1.16
@@ -3,7 +3,7 @@
Summary: Network Security Services
Name: nss
Version: 3.11.2
-Release: 2
+Release: 3
License: MPL/GPL/LGPL
URL: http://www.mozilla.org/projects/security/pki/nss/
Group: System Environment/Libraries
@@ -22,6 +22,8 @@
Source4: blank-key3.db
Source5: blank-secmod.db
+Patch1: nss-3_11_20060905.patch
+
%description
Network Security Services (NSS) is a set of libraries designed to
@@ -71,6 +73,7 @@
%prep
%setup -q
+%patch1 -p0
%build
@@ -326,6 +329,10 @@
%changelog
+* Wed Sep 06 2006 Kai Engert <kengert at redhat.com> - 3.11.2-3
+- Update to snapshot NSS_3_11_20060905_TAG, which
+ includes fixes for an RSA signature verification flaw.
+
* Thu Aug 03 2006 Kai Engert <kengert at redhat.com> - 3.11.2-2
- Add /etc/pki/nssdb
- Previous message (by thread): rpms/fedora-release-notes/devel fedora-release-notes.spec, 1.6, 1.7 sources, 1.6, 1.7
- Next message (by thread): rpms/eclipse/devel eclipse.spec, 1.316, 1.317 README, 1.1, NONE org.eclipse.platform.doc.isv-rm-org.eclipse.ui.workbench-Eclipse-UI-Components.patch, 1.1, NONE
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-cvs-commits
mailing list