Hello community, here is the log from the commit of package mozilla-nss for openSUSE:Factory checked in at 2018-06-15 14:32:31 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/mozilla-nss (Old) and /work/SRC/openSUSE:Factory/.mozilla-nss.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "mozilla-nss" Fri Jun 15 14:32:31 2018 rev:136 rq:614946 version:3.36.4 Changes: -------- --- /work/SRC/openSUSE:Factory/mozilla-nss/mozilla-nss.changes 2018-04-26 13:21:44.495880048 +0200 +++ /work/SRC/openSUSE:Factory/.mozilla-nss.new/mozilla-nss.changes 2018-06-15 14:32:34.930394330 +0200 @@ -1,0 +2,13 @@ +Thu Jun 7 12:30:44 UTC 2018 - [email protected] + +- update to NSS 3.36.4 + * required for Firefox 60.0.2 (bsc#1096515) + * Fix crash on macOS related to authentication tokens, e.g. PK11or + WebAuthn. (bmo#1461731) + Bugfixes from 3.36.2 + * Connecting to a server that was recently upgraded to TLS 1.3 + would result in a SSL_RX_MALFORMED_SERVER_HELLO error. (bmo#1462303) + * Fix a rare bug with PKCS#12 files. (bmo#1460673) +- use relro linker option (add-relro-linker-option.patch) + +------------------------------------------------------------------- Old: ---- nss-3.36.1.tar.gz New: ---- add-relro-linker-option.patch nss-3.36.4.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ mozilla-nss.spec ++++++ --- /var/tmp/diff_new_pack.vIkgXy/_old 2018-06-15 14:32:36.922321472 +0200 +++ /var/tmp/diff_new_pack.vIkgXy/_new 2018-06-15 14:32:36.926321325 +0200 @@ -25,7 +25,7 @@ BuildRequires: pkg-config BuildRequires: sqlite-devel BuildRequires: zlib-devel -Version: 3.36.1 +Version: 3.36.4 Release: 0 # bug437293 %ifarch ppc64 @@ -36,8 +36,8 @@ License: MPL-2.0 Group: System/Libraries Url: http://www.mozilla.org/projects/security/pki/nss/ -Source: https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_36_1_RTM/src/nss-%{version}.tar.gz -# hg clone https://hg.mozilla.org/projects/nss nss-3.36.1/nss ; cd nss-3.36.1/nss ; hg up NSS_3_36_1_RTM +Source: https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_36_4_RTM/src/nss-%{version}.tar.gz +# hg clone https://hg.mozilla.org/projects/nss nss-3.36.4/nss ; cd nss-3.36.4/nss ; hg up NSS_3_36_4_RTM #Source: nss-%{version}.tar.gz Source1: nss.pc.in Source3: nss-config.in @@ -52,6 +52,7 @@ Patch1: nss-opt.patch Patch2: system-nspr.patch Patch3: nss-no-rpath.patch +Patch4: add-relro-linker-option.patch Patch5: malloc.patch Patch6: nss-disable-ocsp-test.patch Patch7: nss-sqlitename.patch @@ -170,6 +171,7 @@ %patch1 -p1 %patch2 -p1 %patch3 -p1 +%patch4 -p1 %if %suse_version > 1110 %patch5 -p1 %endif ++++++ add-relro-linker-option.patch ++++++ diff -up nss/coreconf/Linux.mk.relro nss/coreconf/Linux.mk --- nss/coreconf/Linux.mk.relro 2013-04-09 14:29:45.943228682 -0700 +++ nss/coreconf/Linux.mk 2013-04-09 14:31:26.194953927 -0700 @@ -174,6 +174,12 @@ endif endif endif +# harden DSOs/executables a bit against exploits +ifeq (2.6,$(firstword $(sort 2.6 $(OS_RELEASE)))) +DSO_LDOPTS+=-Wl,-z,relro +LDFLAGS += -Wl,-z,relro +endif + USE_SYSTEM_ZLIB = 1 ZLIB_LIBS = -lz ++++++ nss-3.36.1.tar.gz -> nss-3.36.4.tar.gz ++++++ /work/SRC/openSUSE:Factory/mozilla-nss/nss-3.36.1.tar.gz /work/SRC/openSUSE:Factory/.mozilla-nss.new/nss-3.36.4.tar.gz differ: char 5, line 1
