[OE-core] [PATCH] nss: update to 3.38
Armin Kuster
akuster808 at gmail.com
Thu Jul 5 14:13:02 UTC 2018
remove patch now included in release.
includes: CVE-2018-0495
Signed-off-by: Armin Kuster <akuster808 at gmail.com>
---
...-Build-FStar.c-when-not-building-with-int.patch | 112 ---------------------
.../nss/{nss_3.37.1.bb => nss_3.38.bb} | 5 +-
2 files changed, 2 insertions(+), 115 deletions(-)
delete mode 100644 meta/recipes-support/nss/nss/0001-Bug-1432455-Build-FStar.c-when-not-building-with-int.patch
rename meta/recipes-support/nss/{nss_3.37.1.bb => nss_3.38.bb} (97%)
diff --git a/meta/recipes-support/nss/nss/0001-Bug-1432455-Build-FStar.c-when-not-building-with-int.patch b/meta/recipes-support/nss/nss/0001-Bug-1432455-Build-FStar.c-when-not-building-with-int.patch
deleted file mode 100644
index f147923..0000000
--- a/meta/recipes-support/nss/nss/0001-Bug-1432455-Build-FStar.c-when-not-building-with-int.patch
+++ /dev/null
@@ -1,112 +0,0 @@
-From fe5fd11f3f02d3625b37f8e3c592e5c3e84c1798 Mon Sep 17 00:00:00 2001
-From: Mike Hommey <mh at glandium.org>
-Date: Sun, 27 May 2018 16:20:00 +0200
-Subject: [PATCH] Bug 1432455 - Build FStar.c when not building with int128
- support. r=fkiefer
-
---HG--
-extra : amend_source : b3f739de2f592ecb9ae1f1ce5ee4fb0e04df22cb
-
-Upstream-Status: Backport
-https://hg.mozilla.org/projects/nss/rev/2209bddb98b8d105159998b9be91a155aa6bd283
-
-NSS bug https://bugzilla.mozilla.org/show_bug.cgi?format=default&id=1459739
-
-Signed-off-by: Armin Kuster <akuster808 at gmail.com>
-
----
- lib/freebl/Makefile | 6 +++++-
- lib/freebl/freebl.gyp | 29 +++++++++++++++++------------
- lib/freebl/freebl_base.gypi | 4 +++-
- 3 files changed, 25 insertions(+), 14 deletions(-)
-
-Index: nss-3.37.1/nss/lib/freebl/Makefile
-===================================================================
---- nss-3.37.1.orig/nss/lib/freebl/Makefile
-+++ nss-3.37.1/nss/lib/freebl/Makefile
-@@ -541,12 +541,16 @@ ifeq (,$(filter-out i386 x386 x86 x86_64
- # All intel architectures get the 64 bit version
- # With custom uint128 if necessary (faster than generic 32 bit version).
- ECL_SRCS += curve25519_64.c
-- VERIFIED_SRCS += Hacl_Curve25519.c FStar.c
-+ VERIFIED_SRCS += Hacl_Curve25519.c
- else
- # All non intel architectures get the generic 32 bit implementation (slow!)
- ECL_SRCS += curve25519_32.c
- endif
-
-+ifndef HAVE_INT128_SUPPORT
-+ VERIFIED_SRCS += FStar.c
-+endif
-+
- #######################################################################
- # (5) Execute "global" rules. (OPTIONAL) #
- #######################################################################
-Index: nss-3.37.1/nss/lib/freebl/freebl.gyp
-===================================================================
---- nss-3.37.1.orig/nss/lib/freebl/freebl.gyp
-+++ nss-3.37.1/nss/lib/freebl/freebl.gyp
-@@ -277,18 +277,10 @@
- 'MP_IS_LITTLE_ENDIAN',
- ],
- }],
-- [ 'OS!="win"', {
-- 'conditions': [
-- [ 'target_arch=="x64" or target_arch=="arm64" or target_arch=="aarch64"', {
-- 'defines': [
-- # The Makefile does version-tests on GCC, but we're not doing that here.
-- 'HAVE_INT128_SUPPORT',
-- ],
-- }, {
-- 'defines': [
-- 'KRML_NOUINT128',
-- ],
-- }],
-+ [ 'have_int128_support==1', {
-+ 'defines': [
-+ # The Makefile does version-tests on GCC, but we're not doing that here.
-+ 'HAVE_INT128_SUPPORT',
- ],
- }, {
- 'defines': [
-@@ -350,5 +342,18 @@
- },
- 'variables': {
- 'module': 'nss',
-+ 'conditions': [
-+ [ 'OS!="win"', {
-+ 'conditions': [
-+ [ 'target_arch=="x64" or target_arch=="arm64" or target_arch=="aarch64"', {
-+ 'have_int128_support%': 1,
-+ }, {
-+ 'have_int128_support%': 0,
-+ }],
-+ ],
-+ }, {
-+ 'have_int128_support%': 0,
-+ }],
-+ ],
- }
- }
-Index: nss-3.37.1/nss/lib/freebl/freebl_base.gypi
-===================================================================
---- nss-3.37.1.orig/nss/lib/freebl/freebl_base.gypi
-+++ nss-3.37.1/nss/lib/freebl/freebl_base.gypi
-@@ -60,7 +60,6 @@
- 'shvfy.c',
- 'sysrand.c',
- 'tlsprfalg.c',
-- 'verified/FStar.c',
- ],
- 'conditions': [
- [ 'OS=="linux" or OS=="android"', {
-@@ -220,6 +219,9 @@
- }],
- ],
- }],
-+ [ 'have_int128_support==0', {
-+ 'sources': [ 'verified/FStar.c' ],
-+ }],
- ],
- 'ldflags': [
- '-Wl,-Bsymbolic'
diff --git a/meta/recipes-support/nss/nss_3.37.1.bb b/meta/recipes-support/nss/nss_3.38.bb
similarity index 97%
rename from meta/recipes-support/nss/nss_3.37.1.bb
rename to meta/recipes-support/nss/nss_3.38.bb
index 0e8b5be..f3e5170 100644
--- a/meta/recipes-support/nss/nss_3.37.1.bb
+++ b/meta/recipes-support/nss/nss_3.38.bb
@@ -25,11 +25,10 @@ SRC_URI = "http://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/${VERSIO
file://nss-fix-nsinstall-build.patch \
file://disable-Wvarargs-with-clang.patch \
file://pqg.c-ULL_addend.patch \
- file://0001-Bug-1432455-Build-FStar.c-when-not-building-with-int.patch \
"
-SRC_URI[md5sum] = "e9526d7217d02afa96b90b89924c38df"
-SRC_URI[sha256sum] = "097b30e436479ad737b3703b25b6198b6513e202731085c6f097d8853dd20405"
+SRC_URI[md5sum] = "ac9065460a7634ba8eb0f942f404e773"
+SRC_URI[sha256sum] = "2c643d3c08d6935f4d325f40743719b6990aa25a79ec2f8f712c99d086672f62"
UPSTREAM_CHECK_URI = "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_Releases"
UPSTREAM_CHECK_REGEX = "NSS_(?P<pver>.+)_release_notes"
--
2.7.4
More information about the Openembedded-core
mailing list