| Changelog |
* Mon Oct 21 2013 Matthew Harmsen <mharmsen@redhat.com> - 1.0.8-24
- Bugzilla Bug #961471 - Port Downstream Patches Upstream (mharmsen)
- Add '--enable-ecc' option to '
CFLAGS="${CFLAGS:--O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -grecord-gcc-switches -m64 -mtune=generic}" ; export CFLAGS ;
CXXFLAGS="${CXXFLAGS:--O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -grecord-gcc-switches -m64 -mtune=generic}" ; export CXXFLAGS ;
FFLAGS="${FFLAGS:--O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -grecord-gcc-switches -m64 -mtune=generic -I/usr/lib64/gfortran/modules}" ; export FFLAGS ;
FCFLAGS="${FCFLAGS:--O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -grecord-gcc-switches -m64 -mtune=generic -I/usr/lib64/gfortran/modules}" ; export FCFLAGS ;
LDFLAGS="${LDFLAGS:--Wl,-z,relro }"; export LDFLAGS;
for i in $(find . -name config.guess -o -name config.sub) ; do
[ -f /usr/lib/rpm/redhat/$(basename $i) ] && /usr/bin/rm -f $i && /usr/bin/cp -fv /usr/lib/rpm/redhat/$(basename $i) $i ;
done ;
./configure --build=x86_64-redhat-linux-gnu --host=x86_64-redhat-linux-gnu \
--program-prefix= \
--disable-dependency-tracking \
--prefix=/usr \
--exec-prefix=/usr \
--bindir=/usr/bin \
--sbindir=/usr/sbin \
--sysconfdir=/etc \
--datadir=/usr/share \
--includedir=/usr/include \
--libdir=/usr/lib64 \
--libexecdir=/usr/libexec \
--localstatedir=/var \
--sharedstatedir=/var/lib \
--mandir=/usr/share/man \
--infodir=/usr/share/info' line under '%build' section of
this spec file (mharmsen)
- Bumped version build/runtime requirements for NSPR and NSS (mharmsen)
- [mod_nss-PK11_ListCerts_2.patch]
- Bugzilla Bug #767802 - PK11_ListCerts called to retrieve all user
certificates for every server (rcritten)
- [mod_nss-array_overrun.patch]
- Bugzilla Bug #1022717 - overrunning array when executing nss_pcache
(rcritten)
- [mod_nss-clientauth.patch]
- Bugzilla Bug #1017675 - mod_nss: FakeBasicAuth authentication bypass
[fedora-all] (rcritten)
- [mod_nss-no_shutdown_if_not_init_2.patch]
- Bugzilla Bug #1022722 - File descriptor leak after "service httpd reload"
or httpd doesn't reload (rrelyea)
- [mod_nss-proxyvariables.patch]
- Bugzilla Bug #1022726 - mod_nss insists on Required value NSSCipherSuite
not set. (mharmsen)
- [mod_nss-tlsv1_1.patch]
- Bugzilla Bug #979798 - current nss support TLS 1.1 so mod_nss should pick
it up (mharmsen)
- Bugzilla Bug #979718 - mod_nss documentation should mention TLS 1.1
(mharmsen)
- [mod_nss-sslmultiproxy_2.patch]
- Fixes Bugzilla Bug #1021469 - [RFE] Support ability to share mod_proxy with
other SSL providers (jorton, mharmsen, nkinder, & rcritten)
* Tue Jul 30 2013 Joe Orton <jorton@redhat.com> - 1.0.8-23
- add dependency on httpd-mmn
* Wed Jul 03 2013 Matthew Harmsen <mharmsen@redhat.com> - 1.0.8-22
- Moved 'nss_pcache' from %sbindir to %libexecdir
(provided compatibility link)
* Tue Jul 02 2013 Matthew Harmsen <mharmsen@redhat.com> - 1.0.8-21.1
- rpmlint mod_nss.spec
0 packages and 1 specfiles checked; 0 errors, 0 warnings.
- rpmlint mod_nss-1.0.8-21.1 (SRPM)
W: spelling-error %description -l en_US nss -> ass, nos, nus
1 packages and 0 specfiles checked; 0 errors, 1 warnings.
- rpmlint mod_nss-1.0.8-21.1 (RPM)
W: spelling-error %description -l en_US nss -> ass, nos, nus
E: non-readable /etc/httpd/alias/cert8.db 0640L
E: non-readable /etc/httpd/alias/secmod.db 0640L
E: non-readable /etc/httpd/alias/key3.db 0640L
1 packages and 0 specfiles checked; 3 errors, 1 warnings.
- rpmlint mod_nss-debuginfo-1.0.8-21.1 (RPM)
W: spelling-error Summary(en_US) nss -> ass, nos, nus
W: spelling-error %description -l en_US nss -> ass, nos, nus
1 packages and 0 specfiles checked; 0 errors, 2 warnings.
* Tue Jun 25 2013 Matthew Harmsen <mharmsen@redhat.com> - 1.0.8-21
- Bugzilla Bug #884115 - Package mod_nss-1.0.8-18.1.el7 failed RHEL7 RPMdiff
testing
- Bugzilla Bug #906082 - mod_nss requires manpages for gencert and nss_pcache
- Bugzilla Bug #906089 - Fix dangling symlinks in mod_nss
- Bugzilla Bug #906097 - Correct RPM Parse Warning in mod_nss.spec
- Bugzilla Bug #948601 - Man page scan results for mod_nss
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.0.8-20.1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Fri Jul 20 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.0.8-19.1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Mon Jun 18 2012 Joe Orton <jorton@redhat.com> - 1.0.8-18.1
- fix build for RHEL7
* Fri Jun 15 2012 Rob Crittenden <rcritten@redhat.com> - 1.0.8-18
- Actually apply the patch to use memmove in place of memcpy since the
buffers can overlap (#669118)
* Tue Jun 12 2012 Nathan Kinder <nkinder@redhat.com> - 1.0.8-17
- Port mod_nss to work with httpd 2.4
* Mon Apr 23 2012 Joe Orton <jorton@redhat.com> - 1.0.8-16
- packaging fixes/updates (#803072)
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.0.8-15
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
* Mon Mar 07 2011 Rob Crittenden <rcritten@redhat.com> - 1.0.8-14
- Add Requires(post) for nss-tools, gencert needs it (#652007)
* Wed Mar 02 2011 Rob Crittenden <rcritten@redhat.com> - 1.0.8-13
- Lock around the pipe to nss_pcache for retrieving the token PIN
(#677701)
* Tue Feb 08 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.0.8-12
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
* Wed Jan 12 2011 Rob Crittenden <rcritten@redhat.com> - 1.0.8-11
- Use memmove in place of memcpy since the buffers can overlap (#669118)
* Wed Sep 29 2010 jkeating - 1.0.8-10
- Rebuilt for gcc bug 634757
* Thu Sep 23 2010 Rob Crittenden <rcritten@redhat.com> - 1.0.8-9
- Revert mod_nss-wouldblock patch
- Reset NSPR error before calling PR_Read(). This should fix looping
in #620856
* Fri Sep 17 2010 Rob Crittenden <rcritten@redhat.com> - 1.0.8-8
- Fix hang when handling large POST under some conditions (#620856)
* Tue Jun 22 2010 Rob Crittenden <rcritten@redhat.com> - 1.0.8-7
- Remove file Requires on libnssckbi.so (#601939)
* Fri May 14 2010 Rob Crittenden <rcritten@redhat.com> - 1.0.8-6
- Ignore SIGHUP in nss_pcache (#591889).
* Thu May 13 2010 Rob Crittenden <rcritten@redhat.com> - 1.0.8-5
- Use remote hostname set by mod_proxy to compare to CN in peer cert (#591224)
* Thu Mar 18 2010 Rob Crittenden <rcritten@redhat.com> - 1.0.8-4
- Patch to add configuration options for new NSS negotiation API (#574187)
- Add (pre) for Requires on httpd so we can be sure the user and group are
already available
- Add file Requires on libnssckbi.so so symlink can't fail
- Use _sysconfdir macro instead of /etc
- Set minimum level of NSS to 3.12.6
* Mon Jan 25 2010 Rob Crittenden <rcritten@redhat.com> - 1.0.8-3
- The location of libnssckbi moved from /lib[64] to /usr/lib[64] (556744)
* Sat Jul 25 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.0.8-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
* Mon Mar 02 2009 Rob Crittenden <rcritten@redhat.com> - 1.0.8-1
- Update to 1.0.8
- Add patch that fixes NSPR layer bug
* Wed Feb 25 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.0.7-11
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
* Mon Aug 11 2008 Tom "spot" Callaway <tcallawa@redhat.com> - 1.0.7-10
- fix license tag
* Mon Jul 28 2008 Rob Crittenden <rcritten@redhat.com> - 1.0.7-9
- rebuild to bump NVR
* Mon Jul 14 2008 Rob Crittenden <rcritten@redhat.com> - 1.0.7-8
- Don't force module de-init during the configuration stage (453508)
* Thu Jul 10 2008 Rob Crittenden <rcritten@redhat.com> - 1.0.7-7
- Don't inherit the MP cache in multi-threaded mode (454701)
- Don't initialize NSS in each child if SSL isn't configured
* Wed Jul 02 2008 Rob Crittenden <rcritten@redhat.com> - 1.0.7-6
- Update the patch for FIPS to include fixes for nss_pcache, enforce
the security policy and properly initialize the FIPS token.
* Mon Jun 30 2008 Rob Crittenden <rcritten@redhat.com> - 1.0.7-5
- Include patch to fix NSSFIPS (446851)
* Mon Apr 28 2008 Rob Crittenden <rcritten@redhat.com> - 1.0.7-4
- Apply patch so that mod_nss calls NSS_Init() after Apache forks a child
and not before. This is in response to a change in the NSS softtokn code
and should have always been done this way. (444348)
- The location of libnssckbi moved from /usr/lib[64] to /lib[64]
- The NSS database needs to be readable by apache since we need to use it
after the root priviledges are dropped.
* Tue Feb 19 2008 Fedora Release Engineering <rel-eng@fedoraproject.org> - 1.0.7-3
- Autorebuild for GCC 4.3
* Thu Oct 18 2007 Rob Crittenden <rcritten@redhat.com> 1.0.7-2
- Register functions needed by mod_proxy if mod_ssl is not loaded.
* Fri Jun 01 2007 Rob Crittenden <rcritten@redhat.com> 1.0.7-1
- Update to 1.0.7
- Remove Requires for nss and nspr since those are handled automatically
by versioned libraries
- Updated URL and Source to reference directory.fedoraproject.org
* Mon Apr 09 2007 Rob Crittenden <rcritten@redhat.com> 1.0.6-2
- Patch to properly detect the Apache model and set up NSS appropriately
- Patch to punt if a bad password is encountered
- Patch to fix crash when password.conf is malformatted
- Don't enable ECC support as NSS doesn't have it enabled (3.11.4-0.7)
* Mon Oct 23 2006 Rob Crittenden <rcritten@redhat.com> 1.0.6-1
- Update to 1.0.6
* Fri Aug 04 2006 Rob Crittenden <rcritten@redhat.com> 1.0.3-4
- Include LogLevel warn in nss.conf and use separate log files
* Fri Aug 04 2006 Rob Crittenden <rcritten@redhat.com> 1.0.3-3
- Need to initialize ECC certificate and key variables
* Fri Aug 04 2006 Jarod Wilson <jwilson@redhat.com> 1.0.3-2
- Use %ghost for db files and install.log
* Tue Jun 20 2006 Rob Crittenden <rcritten@redhat.com> 1.0.3-1
- Initial build
|
