libnss: security bump to version 3.30.2
authorBaruch Siach <baruch@tkos.co.il>
Thu, 20 Apr 2017 17:34:29 +0000 (20:34 +0300)
committerThomas Petazzoni <thomas.petazzoni@free-electrons.com>
Thu, 20 Apr 2017 19:53:00 +0000 (21:53 +0200)
CVE-2017-5461 - Out-of-bounds write in Base64 encoding in NSS. Might cause
remote arbitrary code execution
(https://access.redhat.com/errata/RHSA-2017:1100).

CVE-2017-5462 - DRBG flaw in NSS

Drop 0001-cross-compile.patch and TARGET* variables. Upstream Makefile now
allows override of CC, so use TARGET_CONFIGURE_OPTS instead.

Drop upstream 0003-it-uninitialized-fix.patch.

Renumber the remaining patch.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
package/libnss/0001-cross-compile.patch [deleted file]
package/libnss/0001-uclibc.patch [new file with mode: 0644]
package/libnss/0002-uclibc.patch [deleted file]
package/libnss/0003-it-uninitialized-fix.patch [deleted file]
package/libnss/libnss.hash
package/libnss/libnss.mk

diff --git a/package/libnss/0001-cross-compile.patch b/package/libnss/0001-cross-compile.patch
deleted file mode 100644 (file)
index 31de71b..0000000
+++ /dev/null
@@ -1,48 +0,0 @@
-This patch allows us to set a value for the cross compiler via TARGETCC without
-setting CC on the command line. CC is used for host tools as well as cross
-compiled code so we cannot define it on the command line without breaking
-the host tools build.
-
-[Gustavo: update for nss 3.16.1]
-[baruch: add OPTIMIZER handling]
-Signed-off-by: Will Newton <will.newton@imgtec.com>
-
-diff -Nuar nss-3.16.1-orig/nss/coreconf/Linux.mk nss-3.16.1/nss/coreconf/Linux.mk
---- nss-3.16.1-orig/nss/coreconf/Linux.mk      2014-05-02 06:27:18.000000000 +0300
-+++ nss-3.16.1/nss/coreconf/Linux.mk   2014-07-01 02:38:18.701480512 +0300
-@@ -16,9 +16,13 @@
-       IMPL_STRATEGY = _PTH
- endif
--CC                    = gcc
--CCC                   = g++
--RANLIB                        = ranlib
-+TARGETCC              = gcc
-+TARGETCCC             = g++
-+TARGETRANLIB          = ranlib
-+
-+CC                    = $(TARGETCC)
-+CCC                   = $(TARGETCCC)
-+RANLIB                        = $(TARGETRANLIB)
- DEFAULT_COMPILER = gcc
-@@ -125,6 +129,7 @@
- endif
- endif
-+OPTIMIZER = $(TARGET_OPTIMIZER)
- ifeq ($(USE_PTHREADS),1)
- OS_PTHREAD = -lpthread 
-diff -Nuar nss-3.16.1-orig/nss/coreconf/nsinstall/Makefile nss-3.16.1/nss/coreconf/nsinstall/Makefile
---- nss-3.16.1-orig/nss/coreconf/nsinstall/Makefile    2014-05-02 06:27:18.000000000 +0300
-+++ nss-3.16.1/nss/coreconf/nsinstall/Makefile 2014-07-01 02:38:48.102185011 +0300
-@@ -31,6 +31,7 @@
- ifdef NATIVE_FLAGS
- OS_CFLAGS=$(NATIVE_FLAGS)
-+OPTIMIZER=
- endif
- include $(DEPTH)/coreconf/rules.mk
diff --git a/package/libnss/0001-uclibc.patch b/package/libnss/0001-uclibc.patch
new file mode 100644 (file)
index 0000000..b81db93
--- /dev/null
@@ -0,0 +1,20 @@
+uCLibc does not define RTLD_NOLOAD.
+
+[Gustavo: update for nss 3.16.1]
+Signed-off-by: Will Newton <will.newton@imgtec.com>
+
+diff -Nura nss-3.16.1.orig/nss/lib/freebl/stubs.c nss-3.16.1/nss/lib/freebl/stubs.c
+--- nss-3.16.1.orig/nss/lib/freebl/stubs.c     2014-06-18 10:34:30.529997002 -0300
++++ nss-3.16.1/nss/lib/freebl/stubs.c  2014-06-18 10:36:25.508882650 -0300
+@@ -594,6 +594,11 @@
+     return SECSuccess;
+ }
++/* uClibc does not define RTLD_NOLOAD. */
++#ifndef RTLD_NOLOAD
++#define RTLD_NOLOAD 0
++#endif
++
+ /*
+  * fetch the library if it's loaded. For NSS it should already be loaded
+  */
diff --git a/package/libnss/0002-uclibc.patch b/package/libnss/0002-uclibc.patch
deleted file mode 100644 (file)
index b81db93..0000000
+++ /dev/null
@@ -1,20 +0,0 @@
-uCLibc does not define RTLD_NOLOAD.
-
-[Gustavo: update for nss 3.16.1]
-Signed-off-by: Will Newton <will.newton@imgtec.com>
-
-diff -Nura nss-3.16.1.orig/nss/lib/freebl/stubs.c nss-3.16.1/nss/lib/freebl/stubs.c
---- nss-3.16.1.orig/nss/lib/freebl/stubs.c     2014-06-18 10:34:30.529997002 -0300
-+++ nss-3.16.1/nss/lib/freebl/stubs.c  2014-06-18 10:36:25.508882650 -0300
-@@ -594,6 +594,11 @@
-     return SECSuccess;
- }
-+/* uClibc does not define RTLD_NOLOAD. */
-+#ifndef RTLD_NOLOAD
-+#define RTLD_NOLOAD 0
-+#endif
-+
- /*
-  * fetch the library if it's loaded. For NSS it should already be loaded
-  */
diff --git a/package/libnss/0003-it-uninitialized-fix.patch b/package/libnss/0003-it-uninitialized-fix.patch
deleted file mode 100644 (file)
index 7736c6a..0000000
+++ /dev/null
@@ -1,24 +0,0 @@
-# HG changeset patch
-# User catdesk <catdesk@tuta.io>
-# Date 1477710600 -7200
-#      Sat Oct 29 05:10:00 2016 +0200
-# Node ID b9ef971b94ab110302d49255339077bc1b4aed7f
-# Parent  eb8c96563cd70aa69d48b01516085f7d2fb46178
-Bug 1313846 - Declare 'it = NULL' earlier. r=franziskus
-
-[Thomas: patch taken from upstream mercurial repository, revision
-12791.]
-Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
-
-diff -r eb8c96563cd7 -r b9ef971b94ab lib/jar/jarfile.c
---- a/nss/lib/jar/jarfile.c    Mon Oct 31 17:31:20 2016 +0100
-+++ b/nss/lib/jar/jarfile.c    Sat Oct 29 05:10:00 2016 +0200
-@@ -657,7 +657,7 @@
- jar_listzip(JAR *jar, JAR_FILE fp)
- {
-     ZZLink *ent;
--    JAR_Item *it;
-+    JAR_Item *it = NULL;
-     JAR_Physical *phy = NULL;
-     struct ZipLocal *Local = PORT_ZNew(struct ZipLocal);
-     struct ZipCentral *Central = PORT_ZNew(struct ZipCentral);
index 975e52d2385015664d3fa269bd739b6ab753513d..7be7e48a69514cd79042268c46a79a2b816aa848 100644 (file)
@@ -1,2 +1,2 @@
-# From https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_27_2_RTM/src/SHA256SUMS
-sha256 dc8ac8524469d0230274fd13a53fdcd74efe4aa67205dde1a4a92be87dc28524        nss-3.27.2.tar.gz
+# From https://ftp.mozilla.org/pub/security/nss/releases/NSS_3_30_2_RTM/src/SHA256SUMS
+sha256 0d4a77ff26bcee79fa8afe0125e0df6ae9e798b6b36782fa29e28febf7cfce24        nss-3.30.2.tar.gz
index d624cde09507040ee1787ecad43a2927cca5a03e..1e157df1df3c83af38dce51f0c4621bbfdca3766 100644 (file)
@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-LIBNSS_VERSION = 3.27.2
+LIBNSS_VERSION = 3.30.2
 LIBNSS_SOURCE = nss-$(LIBNSS_VERSION).tar.gz
 LIBNSS_SITE = https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_$(subst .,_,$(LIBNSS_VERSION))_RTM/src
 LIBNSS_DISTDIR = dist
@@ -33,9 +33,6 @@ LIBNSS_BUILD_VARS = \
        NSS_USE_SYSTEM_SQLITE=1 \
        NSS_ENABLE_ECC=1 \
        NATIVE_CC="$(HOSTCC)" \
-       TARGETCC="$(TARGET_CC)" \
-       TARGETCCC="$(TARGET_CXX)" \
-       TARGETRANLIB="$(TARGET_RANLIB)" \
        OS_ARCH="Linux" \
        OS_RELEASE="2.6" \
        OS_TEST="$(ARCH)"
@@ -55,17 +52,16 @@ endif
 endif
 
 define LIBNSS_BUILD_CMDS
-       $(TARGET_MAKE_ENV) $(MAKE1) -C $(@D)/nss coreconf \
+       $(TARGET_CONFIGURE_OPTS) $(MAKE1) -C $(@D)/nss coreconf \
                SOURCE_MD_DIR=$(@D)/$(LIBNSS_DISTDIR) \
                DIST=$(@D)/$(LIBNSS_DISTDIR) \
                CHECKLOC= \
                $(LIBNSS_BUILD_VARS)
-       $(TARGET_MAKE_ENV) $(MAKE1) -C $(@D)/nss lib/dbm all \
+       $(TARGET_CONFIGURE_OPTS) $(MAKE1) -C $(@D)/nss lib/dbm all \
                SOURCE_MD_DIR=$(@D)/$(LIBNSS_DISTDIR) \
                DIST=$(@D)/$(LIBNSS_DISTDIR) \
                CHECKLOC= \
-               $(LIBNSS_BUILD_VARS) TARGET_OPTIMIZER="$(TARGET_CFLAGS)" \
-               NATIVE_FLAGS="$(HOST_CFLAGS)"
+               $(LIBNSS_BUILD_VARS) NATIVE_FLAGS="$(HOST_CFLAGS)"
 endef
 
 define LIBNSS_INSTALL_STAGING_CMDS
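Review bot: The second make invocation no longer passes `TARGET_OPTIMIZER="$(TARGET_CFLAGS)"`, so target CFLAGS can now reach NSS only through whatever `$(TARGET_CONFIGURE_OPTS)` places in the environment, and the commit message confirms upstream support for overriding CC only. Make gives a makefile's own assignment precedence over an environment variable, so if the NSS coreconf makefiles assign CFLAGS or OPTIMIZER themselves (not visible here), the target objects would be built without the optimisation or hardening options the configuration puts in TARGET_CFLAGS, and nothing would fail to show it. It is worth confirming from a verbose build log that the expected flags appear on the target compile lines. The mechanism could also be recorded above the define, for example `# CC and CFLAGS come from the environment (TARGET_CONFIGURE_OPTS); host tools use NATIVE_CC/NATIVE_FLAGS`.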