rpms/nss/F-11 533125-ammend.patch, NONE, 1.1 .cvsignore, 1.26, 1.27 sources, 1.27, 1.28 nss.spec, 1.77, 1.78
Elio Maldonado
emaldonado at fedoraproject.org
Tue Dec 8 18:47:47 UTC 2009
Author: emaldonado
Update of /cvs/extras/rpms/nss/F-11
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv16583
Modified Files:
.cvsignore sources nss.spec
Added Files:
533125-ammend.patch
Log Message:
CVE-2009-3555 TLS: MITM attacks via session renegotiation
533125-ammend.patch:
ssl3con.c | 2 ++
1 file changed, 2 insertions(+)
--- NEW FILE 533125-ammend.patch ---
Index: mozilla/security/nss/lib/ssl/ssl3con.c
===================================================================
RCS file: /cvsroot/mozilla/security/nss/lib/ssl/ssl3con.c,v
retrieving revision 1.121
diff -u -p -r1.121 ssl3con.c
--- mozilla/security/nss/lib/ssl/ssl3con.c 12 Nov 2009 05:08:27 -0000 1.121
+++ mozilla/security/nss/lib/ssl/ssl3con.c 20 Nov 2009 19:36:30 -0000
@@ -4004,6 +4004,7 @@ ssl3_HandleHelloRequest(sslSocket *ss)
PORT_SetError(SSL_ERROR_RX_UNEXPECTED_HELLO_REQUEST);
return SECFailure;
}
+ /*
if (ss->opt.enableRenegotiation == SSL_RENEGOTIATE_NEVER) {
ssl_GetXmitBufLock(ss);
rv = SSL3_SendAlert(ss, alert_warning, no_renegotiation);
@@ -4011,6 +4012,7 @@ ssl3_HandleHelloRequest(sslSocket *ss)
PORT_SetError(SSL_ERROR_RENEGOTIATION_NOT_ALLOWED);
return SECFailure;
}
+ */
if (sid) {
ss->sec.uncache(sid);
Index: .cvsignore
===================================================================
RCS file: /cvs/extras/rpms/nss/F-11/.cvsignore,v
retrieving revision 1.26
retrieving revision 1.27
diff -u -p -r1.26 -r1.27
--- .cvsignore 7 Sep 2009 21:34:58 -0000 1.26
+++ .cvsignore 8 Dec 2009 18:47:47 -0000 1.27
@@ -1,2 +1,2 @@
-nss-3.12.4-stripped.tar.bz2
+nss-3.12.5-stripped.tar.bz2
nss-pem-20090907.tar.bz2
Index: sources
===================================================================
RCS file: /cvs/extras/rpms/nss/F-11/sources,v
retrieving revision 1.27
retrieving revision 1.28
diff -u -p -r1.27 -r1.28
--- sources 7 Sep 2009 21:34:58 -0000 1.27
+++ sources 8 Dec 2009 18:47:47 -0000 1.28
@@ -1,2 +1,2 @@
-954834f7b173bdab366a19880c671c39 nss-3.12.4-stripped.tar.bz2
+51c5958153b6c01fada2e74cedc66835 nss-3.12.5-stripped.tar.bz2
895ef804e11c14868e86df80c2dd9b66 nss-pem-20090907.tar.bz2
Index: nss.spec
===================================================================
RCS file: /cvs/extras/rpms/nss/F-11/nss.spec,v
retrieving revision 1.77
retrieving revision 1.78
diff -u -p -r1.77 -r1.78
--- nss.spec 17 Sep 2009 21:11:30 -0000 1.77
+++ nss.spec 8 Dec 2009 18:47:47 -0000 1.78
@@ -13,8 +13,8 @@
Summary: Network Security Services
Name: nss
-Version: 3.12.4
-Release: 3%{?dist}
+Version: 3.12.5
+Release: 1%{?dist}.3
License: MPLv1.1 or GPLv2+ or LGPLv2+
URL: http://www.mozilla.org/projects/security/pki/nss/
Group: System Environment/Libraries
@@ -42,6 +42,7 @@ Source12: %{name}-pem-20090907.t
Patch2: nss-nolocalsql.patch
Patch6: nss-enable-pem.patch
+Patch7: 533125-ammend.patch
%description
Network Security Services (NSS) is a set of libraries designed to
@@ -110,7 +111,7 @@ low level services.
%patch2 -p0
%patch6 -p0 -b .libpem
-
+%patch7 -p0 -b .533125
%build
@@ -471,6 +472,9 @@ done
%changelog
+* Fri Dec 06 2009 Elio Maldonado<emaldona at redhat.com> - 3.12.5-1
+- Update to 3.12.5
+
* Thu Sep 17 2009 Elio Maldonado<emaldona at redhat.com> - 3.12.4-3
- Add nssdbm3.so to nss-prelink.conf, rhbz#524075
More information about the scm-commits
mailing list