|
|
@@ -1,6 +1,6 @@
|
|
|
%define build_compat32 %{?_with_compat32:1}%{!?_with_compat32:0}
|
|
|
|
|
|
-%define nspr_version 4.32
|
|
|
+%define nspr_version 4.35
|
|
|
%define pem_version 1.0.8
|
|
|
%define unsupported_tools_directory %{_libdir}/nss/unsupported-tools
|
|
|
%global allTools "certutil cmsutil crlutil derdump modutil pk12util pp signtool signver ssltap vfychain vfyserv"
|
|
|
@@ -27,7 +27,7 @@
|
|
|
|
|
|
Summary: Network Security Services
|
|
|
Name: nss
|
|
|
-Version: 3.73
|
|
|
+Version: 3.85
|
|
|
Release: 1%{?_dist_release}
|
|
|
Group: system
|
|
|
Vendor: Project Vine
|
|
|
@@ -62,14 +62,6 @@ Source104: nss-softokn-config.in
|
|
|
Source1000: https://github.com/kdudka/nss-pem/releases/download/nss-pem-%{pem_version}/nss-pem-%{pem_version}.tar.xz
|
|
|
Source1001: pem-makefile.tar.gz
|
|
|
|
|
|
-Patch2: add-relro-linker-option.patch
|
|
|
-Patch3: renegotiate-transitional.patch
|
|
|
-# Upstream: https://bugzilla.mozilla.org/show_bug.cgi?id=617723
|
|
|
-Patch16: nss-539183.patch
|
|
|
-# Fedora / RHEL-only patch, the templates directory was originally introduced to support mod_revocator
|
|
|
-Patch47: utilwrap-include-templates.patch
|
|
|
-# TODO remove when we switch to building nss without softoken
|
|
|
-Patch49: nss-skip-bltest-and-fipstest.patch
|
|
|
# This patch uses the GCC -iquote option documented at
|
|
|
# http://gcc.gnu.org/onlinedocs/gcc/Directory-Options.html#Directory-Options
|
|
|
# to give the in-tree headers a higher priority over the system headers,
|
|
|
@@ -79,15 +71,17 @@ Patch49: nss-skip-bltest-and-fipstest.patch
|
|
|
# case when starting an update with API changes or even private export
|
|
|
# changes.
|
|
|
#
|
|
|
-# Once the buildroot aha been bootstrapped the patch may be removed
|
|
|
+# Once the buildroot has been bootstrapped the patch may be removed
|
|
|
# but it doesn't hurt to keep it.
|
|
|
-Patch50: iquote.patch
|
|
|
-# Local patch for TLS_ECDHE_{ECDSA|RSA}_WITH_3DES_EDE_CBC_SHA ciphers
|
|
|
-Patch58: rhbz1185708-enable-ecc-3des-ciphers-by-default.patch
|
|
|
-Patch62: nss-skip-util-gtest.patch
|
|
|
+Patch4: iquote.patch
|
|
|
+Patch12: nss-signtool-format.patch
|
|
|
+# fedora disabled dbm by default
|
|
|
+Patch40: nss-no-dbm-man-page.patch
|
|
|
|
|
|
-# dropped: get same effect by sed
|
|
|
-#Patch1000: nss-enable-pem.patch
|
|
|
+# upstream bug https://bugzilla.mozilla.org/show_bug.cgi?id=1774654
|
|
|
+Patch50: nss-3.79-fix-client-cert-crash.patch
|
|
|
+# https://bugzilla.mozilla.org/show_bug.cgi?id=1774659
|
|
|
+Patch51: nss-3.79-dbtool.patch
|
|
|
|
|
|
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
|
|
|
BuildRequires: nspr-devel >= %{nspr_version}
|
|
|
@@ -172,12 +166,8 @@ tar xvf %{SOURCE1001}
|
|
|
perl -pi -e 's/^#define USE_UTIL_DIRECTLY.*$//' ckpem.h
|
|
|
popd
|
|
|
|
|
|
-%patch2 -p0 -b .relro
|
|
|
-%patch3 -p0 -b .transitional
|
|
|
-%patch16 -p0 -b .539183
|
|
|
-%patch50 -p0 -b .iquote
|
|
|
pushd nss
|
|
|
-%patch62 -p1 -b .skip_util_gtest
|
|
|
+%autopatch -p1 -M 99
|
|
|
popd
|
|
|
|
|
|
# enable nss-pem
|
|
|
@@ -615,6 +605,9 @@ chmod 755 $RPM_BUILD_ROOT/%{_bindir}/nss-softokn-config
|
|
|
|
|
|
|
|
|
%changelog
|
|
|
+* Sun Nov 20 2022 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 3.85-1
|
|
|
+- update to 3.85.
|
|
|
+
|
|
|
* Fri Dec 17 2021 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 3.73-1
|
|
|
- update to 3.73.
|
|
|
- updated nss-pem to 1.0.8.
|
