Hello community, here is the log from the commit of package mozilla-nss for openSUSE:Factory checked in at 2014-02-26 23:20:34 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/mozilla-nss (Old) and /work/SRC/openSUSE:Factory/.mozilla-nss.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "mozilla-nss" Changes: -------- --- /work/SRC/openSUSE:Factory/mozilla-nss/mozilla-nss.changes 2014-02-06 07:06:31.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.mozilla-nss.new/mozilla-nss.changes 2014-02-26 23:20:37.000000000 +0100 @@ -1,0 +2,32 @@ +Tue Feb 25 11:31:18 UTC 2014 - wr@rosenauer.org + +- update to 3.15.5 + * required for Firefox 28 + * export FREEBL_LOWHASH to get the correct default headers + (bnc#865539) + New functionality + * Added support for the TLS application layer protocol negotiation + (ALPN) extension. Two SSL socket options, SSL_ENABLE_NPN and + SSL_ENABLE_ALPN, can be used to control whether NPN or ALPN (or both) + should be used for application layer protocol negotiation. + * Added the TLS padding extension. The extension type value is 35655, + which may change when an official extension type value is assigned + by IANA. NSS automatically adds the padding extension to ClientHello + when necessary. + * Added a new macro CERT_LIST_TAIL, defined in certt.h, for getting + the tail of a CERTCertList. + Notable Changes + * bmo#950129: Improve the OCSP fetching policy when verifying OCSP + responses + * bmo#949060: Validate the iov input argument (an array of PRIOVec + structures) of ssl_WriteV (called via PR_Writev). Applications should + still take care when converting struct iov to PRIOVec because the + iov_len members of the two structures have different types + (size_t vs. int). size_t is unsigned and may be larger than int. + +------------------------------------------------------------------- +Thu Feb 20 10:55:30 UTC 2014 - aj@ajaissle.de + +- BuildRequire mozilla-nspr >= 4.9 + +------------------------------------------------------------------- Old: ---- nss-3.15.4.tar.gz New: ---- nss-3.15.5.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ mozilla-nss.spec ++++++ --- /var/tmp/diff_new_pack.7RKjuH/_old 2014-02-26 23:20:39.000000000 +0100 +++ /var/tmp/diff_new_pack.7RKjuH/_new 2014-02-26 23:20:39.000000000 +0100 @@ -21,11 +21,11 @@ Name: mozilla-nss BuildRequires: gcc-c++ -BuildRequires: mozilla-nspr-devel +BuildRequires: mozilla-nspr-devel >= 4.9 BuildRequires: pkg-config BuildRequires: sqlite-devel BuildRequires: zlib-devel -Version: 3.15.4 +Version: 3.15.5 Release: 0 # bug437293 %ifarch ppc64 @@ -36,8 +36,8 @@ License: MPL-2.0 Group: System/Libraries Url: http://www.mozilla.org/projects/security/pki/nss/ -Source: https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_15_4_RTM/src/nss-%{version}.tar.gz -# hg clone https://hg.mozilla.org/projects/nss nss-3.15.4/nss ; cd nss-3.15.4/nss ; hg up NSS_3_15_4_RTM +Source: https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_15_5_RTM/src/nss-%{version}.tar.gz +# hg clone https://hg.mozilla.org/projects/nss nss-3.15.5/nss ; cd nss-3.15.5/nss ; hg up NSS_3_15_5_RTM #Source: nss-%{version}.tar.gz Source1: nss.pc.in Source3: nss-config.in @@ -85,7 +85,7 @@ Group: Development/Libraries/Other Requires: libfreebl3 Requires: libsoftokn3 -Requires: mozilla-nspr-devel +Requires: mozilla-nspr-devel >= 4.9 Requires: mozilla-nss = %{version}-%{release} # bug437293 %ifarch ppc64 @@ -185,6 +185,7 @@ find . -name '*.[ch]' -print -exec sed -i "s/__DATE__/${DATE}/g;s/__TIME__/${TIME}/g" {} + export FREEBL_NO_DEPEND=1 +export FREEBL_LOWHASH=1 export NSPR_INCLUDE_DIR=`nspr-config --includedir` export NSPR_LIB_DIR=`nspr-config --libdir` export OPT_FLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing" ++++++ nss-3.15.4.tar.gz -> nss-3.15.5.tar.gz ++++++ /work/SRC/openSUSE:Factory/mozilla-nss/nss-3.15.4.tar.gz /work/SRC/openSUSE:Factory/.mozilla-nss.new/nss-3.15.5.tar.gz differ: char 5, line 1 ++++++ renegotiate-transitional.patch ++++++ --- /var/tmp/diff_new_pack.7RKjuH/_old 2014-02-26 23:20:39.000000000 +0100 +++ /var/tmp/diff_new_pack.7RKjuH/_new 2014-02-26 23:20:39.000000000 +0100 @@ -1,12 +1,8 @@ diff --git a/lib/ssl/sslsock.c b/lib/ssl/sslsock.c +index e6b2387..87fbe1d 100644 --- a/lib/ssl/sslsock.c +++ b/lib/ssl/sslsock.c -@@ -144,17 +144,17 @@ static sslOptions ssl_defaults = { - PR_FALSE, /* fdx */ - PR_FALSE, /* v2CompatibleHello */ /* now defaults to off in NSS 3.13 */ - PR_TRUE, /* detectRollBack */ - PR_FALSE, /* noStepDown */ - PR_FALSE, /* bypassPKCS11 */ +@@ -74,7 +74,7 @@ static sslOptions ssl_defaults = { PR_FALSE, /* noLocks */ PR_FALSE, /* enableSessionTickets */ PR_FALSE, /* enableDeflate */ @@ -15,8 +11,3 @@ PR_FALSE, /* requireSafeNegotiation */ PR_FALSE, /* enableFalseStart */ PR_TRUE, /* cbcRandomIV */ - PR_FALSE /* enableOCSPStapling */ - }; - - /* - * default range of enabled SSL/TLS protocols -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org