3
0
Fork 0
forked from mirrors/nixpkgs
Commit graph

69 commits

Author SHA1 Message Date
Eelco Dolstra 6aabe2e4bb nss: 3.24 -> 3.26 2016-08-11 15:20:35 +02:00
rnhmjoj f2842da8b2
nss: 3.23 -> 3.24 2016-08-07 23:38:03 +02:00
Eelco Dolstra cb37ab146b Add mirror://mozilla scheme 2016-05-09 19:37:22 +02:00
Vladimír Čunát ab15a62c68 Merge branch 'master' into closure-size
Beware that stdenv doesn't build. It seems something more will be needed
than just resolution of merge conflicts.
2016-04-01 10:06:01 +02:00
Franz Pletz 1a9b272c09 nss: 3.22.2 -> 3.23 (security)
Fixes CVE-2016-1950.

See: https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.23_release_notes
2016-03-21 21:27:59 +01:00
Domen Kožar 603ea2652f nss: 3.22 -> 3.22.2 (CVE-2016-1950) 2016-03-11 12:18:18 +00:00
Vladimír Čunát d039c87984 Merge branch 'master' into closure-size 2016-02-14 08:33:51 +01:00
Eelco Dolstra 1f952e0172 nss: 3.21 -> 3.22 2016-02-12 16:10:59 +01:00
Vladimír Čunát f9f6f41bff Merge branch 'master' into closure-size
TODO: there was more significant refactoring of qtbase and plasma 5.5
on master, and I'm deferring pointing to correct outputs to later.
2015-12-31 09:53:02 +01:00
Eelco Dolstra 86bf3662df nss: 3.20.1 -> 3.21 2015-12-16 16:18:42 +01:00
Luca Bruno e289717414 rename moveToOutput and propagatedBuildInputs 2015-12-02 10:05:36 +01:00
Vladimír Čunát 333d69a5f0 Merge staging into closure-size
The most complex problems were from dealing with switches reverted in
the meantime (gcc5, gmp6, ncurses6).
It's likely that darwin is (still) broken nontrivially.
2015-11-20 14:32:58 +01:00
William A. Kennington III e8cbf833ef nss: 3.20 -> 3.20.1 2015-11-04 00:58:28 -08:00
Vladimír Čunát ba9b80c7e0 nspr,nss: split into multiple outputs
Hopefully most references are OK.
2015-10-13 20:18:44 +02:00
William A. Kennington III ec18091961 nss: Add platforms 2015-09-18 14:52:52 -07:00
William A. Kennington III b5d599af8c nss: 3.19.3 -> 3.20 2015-08-20 15:32:47 -07:00
Eelco Dolstra 36ab9c695a nss: Update to 3.19.3 2015-08-11 14:26:30 +02:00
William A. Kennington III f80dc98ca9 nss: 3.19.1 -> 3.19.2 2015-06-24 18:14:17 -07:00
Eelco Dolstra 98a4eabd99 Revert "qemu: 2.2.2 -> 2.3.0"
This reverts commit 19c259161b.
2015-06-04 14:54:48 +02:00
William A. Kennington III 5483697ab1 nss: 3.19 -> 3.19.1 2015-05-29 15:29:53 -07:00
William A. Kennington III 19c259161b qemu: 2.2.2 -> 2.3.0 2015-05-20 18:30:22 -07:00
William A. Kennington III 9f337e8cc7 nss: 3.18.1 -> 3.19 2015-05-08 06:14:35 -07:00
Eelco Dolstra 1d8590afe4 nss: Update to 3.18.1 2015-04-21 16:53:43 +02:00
William A. Kennington III 7215167342 nss: 3.17.4 -> 3.18 2015-03-27 11:37:06 -07:00
Eelco Dolstra 843f21fd6a nss: Update to 3.17.4 2015-02-24 18:50:04 +01:00
William A. Kennington III ffee9f6a92 nss: Fix gentoo patch to specify library path in nss.pc 2015-01-02 00:24:49 -08:00
Vladimír Čunát 2e1bb14b93 nss: security update fixing CVE-2014-1569 2014-12-02 21:51:25 +01:00
Eelco Dolstra f445fb8240 nss: Update to 3.17.2 2014-10-14 22:53:56 +02:00
Eelco Dolstra 711d67263a nss: Update to 3.16.5
CVE-2014-1568
2014-09-25 11:43:23 +02:00
Eelco Dolstra b3b06af89a nss: Update to 3.16.4 2014-09-03 22:51:55 +02:00
Eelco Dolstra ea0013a0d9 nss: Update to 3.16.3 2014-07-23 17:28:36 +02:00
Eelco Dolstra ec332f520c nss: Update to 3.16.1 2014-05-19 16:04:32 +02:00
Eelco Dolstra 6fe24bda2d nss: Update to 3.16 2014-04-22 14:55:51 +02:00
James Cook ce5f84ce56 nss: update to 3.15.4 2014-02-06 12:15:43 -08:00
Domen Kožar 5b982bd090 nss: patch http location moved, let's keep it in filesystem 2014-01-22 10:46:37 +01:00
Eelco Dolstra 72feb8e011 nss: Update to 3.15.3.1
http://www.mozilla.org/security/announce/2013/mfsa2013-117.html
2014-01-06 17:42:32 +01:00
Ricardo M. Correia 94536ea09f nss: Fix patch download URL 2013-12-24 11:16:58 +01:00
Shea Levy 2909634cac nss: Bump
Signed-off-by: Shea Levy <shea@shealevy.com>
2013-11-18 15:39:13 -05:00
Eelco Dolstra 11960d2f47 nss: Update to 3.15.2 2013-10-15 17:24:33 +02:00
Eelco Dolstra d17f7d2fdf nss: Update to 3.15.1 2013-08-07 17:12:33 +02:00
aszlig 964621438a nss: Update to version 3.14.3.
This update involves a bunch of fixes on our side:

Update the Gentoo patch to 3.14.1 from http://bit.ly/ZG8OK5 and drop the older
one from http://bit.ly/15mN0X1 (for 3.12.5).

While checking the old patch from Gentoo, I discovered, that the patch added in
revision 06c543b11d wasn't the original one in the
Gentoo repository.

Instead of doing the same again, we now patch up our specific modifications
using sed within the postPatch hook.

In addition to that, we now have another patch from RedHat/Fedora which syncs
the NSS PEM support repository with the latest upstream changes. Patch is coming
from the SRPM at http://koji.fedoraproject.org/koji/rpminfo?rpmID=3772072 and I
just stripped the "0001-" prefix from the filename.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2013-03-01 09:42:38 +01:00
Mathijs Kwik 6f90b481db nss: add yet another mirror to get the patch from
the original url throws 500
the mirror's patch differs (probably upgraded for newer nss)
so I found one more source, with a (versioned) url
2013-01-13 14:30:55 +01:00
Eelco Dolstra df5cca471e nss: Update to 3.14 2012-10-31 14:04:58 +01:00
aszlig 9a65507b0f
nss: Fix and add URL for security_load.patch.
We now provide an additional URL from the Debian Git repository as well, just to
be sure that the URL is available.

And, well, of course fix the URL that has gone invalid.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2012-09-17 09:31:47 +02:00
aszlig 808108105d nss: Just delete files if includeTools is false.
Before, the entire directory was deleted and recreated, which fails if we want
to sign libraries (shlibsign is obviously deleted in that step as well), so we
delete everything but "nss-config" on postFixup.
2012-08-22 08:29:10 +02:00
aszlig c672997dc6 nss: Remove redundant nss-config.in.
This file is already contained in nss-3.12.5-gentoo-fixups.diff, so we don't
need to do all that cruft twice.
2012-08-22 08:29:10 +02:00
aszlig 38a4d77665 nss: Fix referencePath to security modules.
This adds a patch from Debian, as they're already have security modules from NSS
in it's own library directory rather than /usr/lib{,64}/ and patch in loading of
libsoftokn as well.

The patch and our own fix of the patch (well, they hardcode Debian specific
stuff in there) ensures that SECMOD_AddNewModule() will find the right module
from the derivation's output path, so the built-in CA root certificates are
recognized and verified correctly.
2012-08-22 08:29:09 +02:00
aszlig 9e0aaf30aa nss: Sign libraries after striping.
Running NSS in FIPS mode is only possible if the libraries are signed correctly,
so we're doing this in the postFixup hook, to insure nothing gets altered after
that phase.

For more information about FIPS mode, please see:
https://developer.mozilla.org/en-US/docs/NSS/FIPS_Mode_-_an_explanation
2012-08-22 08:29:09 +02:00
aszlig 29fce94665 nss: Clean up build/make flags.
First of all, let's remove that redundant BUILD_OPT variable.

This variable already is in makeFlags, so we really don't want it to be lurking
around in the attribute set of the derivation, and it annoys me for being there
for days.

We now state build targets explicitly rather than relying on "nss_build_all".
This makes NSPR_CONFIG_STATUS and the touch of build_nspr stamp obsolete, as
only nss_build_all includes build_nspr.

In addition, we don't need the -lz hack anymore, as this has been fixed in
recent NSS versions, so we can completly remove the postBuild hook.

And while we're at it, we're removing those outdated build instructions as well,
especially because we don't and can't follow official building guidelines
anymore, as those are difficult to apply to Nix.
2012-08-22 08:29:09 +02:00
aszlig 5f4ca8ec18 nss: Add nss-pem module from fedora.
This is a compatibility module which adds suport for PEM certificates used by
OpenSSL and compatible libraries. The module gets built but isn't used at the
moment, so we're going to work on integration of it later.
2012-08-22 08:29:09 +02:00