Fedora 17 Update: nss-3.14-7.fc17

Wed Dec 12 04:34:09 UTC 2012

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2012-19006
2012-11-26 01:29:07
--------------------------------------------------------------------------------

Name        : nss
Product     : Fedora 17
Version     : 3.14
Release     : 7.fc17
URL         : http://www.mozilla.org/projects/security/pki/nss/
Summary     : Network Security Services
Description :
Network Security Services (NSS) is a set of libraries designed to
support cross-platform development of security-enabled client and
server applications. Applications built with NSS can support SSL v2
and v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509
v3 certificates, and other security standards.

--------------------------------------------------------------------------------
Update Information:

Update to nss-3.14.

The release notes are at https://developer.mozilla.org/en-US/docs/NSS/NSS_3.14_release_notes

Please update the entire set at once to prevent conflicts.

As part of the nss-3.14 upstream work some headers moved to their rightful places. 

This change had the effect in fedora, where nss is split into mutiple packages, of some headers moving from one devel rpm to another.

Those file ownership "swaps" could result in updates conflicts if one updates the packages separately. 

For example, trying to install nss-util-devel resulted in an install conflict with nss-softokn-devel. 

Two other headers moved from nss-softokn-devel to nss-devel changing package owners. 

Testing shows that such conflicts do not occur when updating the full set as a whole.

--------------------------------------------------------------------------------
ChangeLog:

* Mon Nov 19 2012 Elio Maldonado <emaldona at redhat.com> - 3.14-7
- Bug 870864 - Add support in NSS for Secure Boot
* Fri Nov  9 2012 Elio Maldonado <emaldona at redhat.com> - 3.14-6
- Disable bypass code at build time and return failure on attempts to enable at runtime
- Bug 806588 - Disable SSL PKCS #11 bypass at build time
- Fix changelog release tags to match what was actually built
* Mon Nov  5 2012 Elio Maldonado <emaldona at redhat.com> - 3.14-5
- Fix pk11wrap locking which fixes 'fedpkg new-sources' and 'fedpkg update' hangs
- Bug 872124 - nss-3.14 breaks fedpkg new-sources
* Thu Nov  1 2012 Elio Maldonado <emaldona at redhat.com> - 3.14-4
- Add a dummy source file for testing /preventing fedpkg breakage
- Helps test the fedpkg new-sources and upload commands for breakage by nss updates
- Related to Bug 872124 - nss 3.14 breaks fedpkg new-sources
* Thu Nov  1 2012 Elio Maldonado <emaldona at redhat.com> - 3.14-3
- Reenable patch to set NSS_SSL_CBC_RANDOM_IV to 1 by default
- Update the patch to account for the new sources
- Resolves Bug 872124 - nss 3.14 breaks fedpkg new-sources
* Wed Oct 31 2012 Elio Maldonado <emaldona at redhat.com> - 3.14-2
- Fix the spec file so sechash.h gets installed
- Resolves: rhbz#871882 - missing header: sechash.h in nss 3.14
* Sat Oct 27 2012 Elio Maldonado <emaldona at redhat.com> - 3.14-4
- Update the license to MPLv2.0
* Wed Oct 24 2012 Elio Maldonado <emaldona at redhat.com> - 3.14-3
- Use only -f when removing unwanted headers
* Tue Oct 23 2012 Elio Maldonado <emaldona at redhat.com> - 3.14-2
- Add secmodt.h to the headers installed by nss-devel
- nss-devel must install secmodt.h which moved from softoken to pk11wrap with nss-3.14
* Mon Oct 22 2012 Elio Maldonado <emaldona at redhat.com> - 3.14-1
- Update to NSS_3_14_RTM
* Sun Oct 21 2012 Elio Maldonado <emaldona at redhat.com> - 3.14-0.1.rc.1
- Update to NSS_3_14_RC1
- update nss-589636.patch to apply to httpdserv
- turn off ocsp tests for now
- remove no longer needed patches
- remove headers shipped by nss-util
* Fri Oct  5 2012 Kai Engert <kaie at redhat.com> - 3.13.6-1
- Update to NSS_3_13_6_RTM
* Fri Aug 31 2012 Elio Maldonado <emaldona at redhat.com> - 3.13.5-8
- Rebase pem sources to fedora-hosted upstream to pick up two fixes from rhel-6.3
- Resolves: rhbz#847460 - Fix invalid read and free on invalid cert load
- Resolves: rhbz#847462 - PEM module may attempt to free uninitialized pointer 
- Remove unneeded fix gcc 4.7 c++ issue in secmodt.h that actually undoes the upstream fix
- Selective merge from master
* Mon Aug 13 2012 Elio Maldonado <emaldona at redhat.com> - 3.13.5-7
- Fix pluggable ecc support
* Sun Jul  1 2012 Elio Maldonado <emaldona at redhat.com> - 3.13.5-1
- Update to NSS_3_13_5_RTM
- Resolves: Bug 830410 - Missing Requires %{?_isa}
- Use Requires: %{name}%{?_isa} = %{version}-%{release} on tools
- Drop zlib requires which rpmlint reports as error E: explicit-lib-dependency zlib
- Enable sha224 portion of powerup selftest when running test suites
- Require nspr 4.9.1
- Selective merge from master
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #806588 - Disable SSL PKCS #11 bypass at build time
        https://bugzilla.redhat.com/show_bug.cgi?id=806588
  [ 2 ] Bug #871882 - missing header: sechash.h in nss 3.14
        https://bugzilla.redhat.com/show_bug.cgi?id=871882
  [ 3 ] Bug #872124 - nss 3.14 breaks fedpkg new-sources
        https://bugzilla.redhat.com/show_bug.cgi?id=872124
  [ 4 ] Bug #870864 - Add support in NSS for Secure Boot
        https://bugzilla.redhat.com/show_bug.cgi?id=870864
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update nss' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------