Merge ~lucaskanashiro/ubuntu/+source/nss:merge-focal into ubuntu/+source/nss:debian/sid
- Git
- lp:~lucaskanashiro/ubuntu/+source/nss
- merge-focal
- Merge into debian/sid
Status: | Merged |
---|---|
Approved by: | Christian Ehrhardt |
Approved revision: | 3d3a453069c5b125047697ea9b9a9d48ad4d82af |
Merge reported by: | Christian Ehrhardt |
Merged at revision: | 3d3a453069c5b125047697ea9b9a9d48ad4d82af |
Proposed branch: | ~lucaskanashiro/ubuntu/+source/nss:merge-focal |
Merge into: | ubuntu/+source/nss:debian/sid |
Diff against target: |
361 lines (+230/-2) 6 files modified
debian/changelog (+173/-0) debian/control (+3/-1) debian/libnss3.links (+3/-0) debian/patches/disable_fips_enabled_read.patch (+49/-0) debian/patches/series (+1/-0) debian/rules (+1/-1) |
Related bugs: |
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
Christian Ehrhardt (community) | Approve | ||
Canonical Server | Pending | ||
Review via email: mp+375115@code.launchpad.net |
This proposal supersedes a proposal from 2019-10-31.
Commit message
Description of the change
Merge version 2:3.47-1 from Debian. The delta from version 2:3.45-1ubuntu2 was applied on top of this new release:
* d/libnss3.links: make freebl3 available as library
* d/control: add dh-exec to Build-Depends
* d/rules: make mkdir tolerate debian/tmp existing (due to dh-exec)
* Disable reading fips_enabled flag in FIPS mode. libnss is not a FIPS certified library.
According to upstream release notes the library in this new release is compatible with the version we have in the archive, so the version bump should not be a problem.
Lucas Kanashiro (lucaskanashiro) wrote : | # |
Christian Ehrhardt (paelzer) wrote : | # |
Recommendation: switch on nonx86 architectures on the PPA to not hit late surprises on upload
Christian Ehrhardt (paelzer) wrote : | # |
build - ok
retained delta - ok (nothing upstreamable, not sure why debian dislikes freebl3)
changelog - ok
Christian Ehrhardt (paelzer) wrote : | # |
It has quite a long list of reverse dependencies which makes this dangerous.
I agree that we don't see a bump of the major number of the lib so it might be working out well.
I was checking
https:/
https:/
It is a bit tricky, there were significant TLS changes announced for 3.47 in the 3.46 doc. Only to be listed still as future in 3.47 release note.
It also contains the statement you probably meant that it should be compatible.
Yeah it seems safe in that regard.
Christian Ehrhardt (paelzer) wrote : | # |
But the notes also contain:
"The HG tag is NSS_3_47_RTM. NSS 3.47 requires NSPR 4.23 or newer."
Well at least in f-proposed that is ok:
libnspr4 | 2:4.23-1 | focal-proposed | amd64, arm64, armhf, i386, ppc64el, s390x
Christian Ehrhardt (paelzer) wrote : | # |
Yeah, overall this LGTM.
Be prepared that due to the longer list of dependencies there might be more potential hickups in tests. But that won't change, so if you are ok it can be sponsored.
Lucas Kanashiro (lucaskanashiro) wrote : | # |
> Recommendation: switch on nonx86 architectures on the PPA to not hit late
> surprises on upload
Thanks for the heads up Christian. Do you usually build packages for all architectures? Or do you have a small set that is "more valuable" in general?
Lucas Kanashiro (lucaskanashiro) wrote : | # |
> Yeah, overall this LGTM.
> Be prepared that due to the longer list of dependencies there might be more
> potential hickups in tests. But that won't change, so if you are ok it can be
> sponsored.
I am ok with it, could you please sponsor it?
Christian Ehrhardt (paelzer) wrote : | # |
I usually build all that the main archive builds for: amd64, i386, armhf, arm64, ppc64el, s390x.
As those are the ones that should work well on the actual upload.
No one cares about e.g. "powerpc" anymore these days.
As agreed, sponsoring ...
Christian Ehrhardt (paelzer) wrote : | # |
Tagged and uploaded to Focal
To ssh://git.
* [new tag] upload/
And I see https:/
Christian Ehrhardt (paelzer) wrote : | # |
This is in the release pocket
Preview Diff
1 | diff --git a/debian/changelog b/debian/changelog |
2 | index 4e90a94..6acea72 100644 |
3 | --- a/debian/changelog |
4 | +++ b/debian/changelog |
5 | @@ -1,3 +1,14 @@ |
6 | +nss (2:3.47-1ubuntu1) focal; urgency=medium |
7 | + |
8 | + * Merge with Debian unstable. Remaining changes: |
9 | + - d/libnss3.links: make freebl3 available as library (LP #1744328) |
10 | + - d/control: add dh-exec to Build-Depends |
11 | + - d/rules: make mkdir tolerate debian/tmp existing (due to dh-exec) |
12 | + - Disable reading fips_enabled flag in FIPS mode. libnss is |
13 | + not a FIPS certified library. (LP #1837734) |
14 | + |
15 | + -- Lucas Kanashiro <lucas.kanashiro@canonical.com> Thu, 31 Oct 2019 16:18:35 -0300 |
16 | + |
17 | nss (2:3.47-1) unstable; urgency=medium |
18 | |
19 | * New upstream release. |
20 | @@ -5,6 +16,22 @@ nss (2:3.47-1) unstable; urgency=medium |
21 | |
22 | -- Mike Hommey <glandium@debian.org> Wed, 23 Oct 2019 11:19:59 +0900 |
23 | |
24 | +nss (2:3.45-1ubuntu2) eoan; urgency=medium |
25 | + |
26 | + * Disable reading fips_enabled flag in FIPS mode. libnss is |
27 | + not a FIPS certified library. (LP: #1837734) |
28 | + |
29 | + -- Vineetha Kamath <vineetha.hari.pai@canonical.com> Tue, 23 Jul 2019 20:58:12 +0000 |
30 | + |
31 | +nss (2:3.45-1ubuntu1) eoan; urgency=low |
32 | + |
33 | + * Merge from Debian unstable. Remaining changes: |
34 | + - d/libnss3.links: make freebl3 available as library (LP 1744328) |
35 | + - d/control: add dh-exec to Build-Depends |
36 | + - d/rules: make mkdir tolerate debian/tmp existing (due to dh-exec) |
37 | + |
38 | + -- Gianfranco Costamagna <locutusofborg@debian.org> Thu, 11 Jul 2019 11:49:44 +0200 |
39 | + |
40 | nss (2:3.45-1) unstable; urgency=medium |
41 | |
42 | * New upstream release. |
43 | @@ -53,6 +80,28 @@ nss (2:3.42.1-1) unstable; urgency=medium |
44 | |
45 | -- Mike Hommey <glandium@debian.org> Wed, 13 Feb 2019 13:19:39 +0900 |
46 | |
47 | +nss (2:3.42-1ubuntu2) disco; urgency=medium |
48 | + |
49 | + * SECURITY UPDATE: DoS in NULL pointer dereference in CMS functions |
50 | + - debian/patches/CVE-2018-18508-1.patch: add null checks in |
51 | + nss/lib/smime/cmscinfo.c, nss/lib/smime/cmsdigdata.c, |
52 | + nss/lib/smime/cmsencdata.c, nss/lib/smime/cmsenvdata.c, |
53 | + nss/lib/smime/cmsmessage.c, nss/lib/smime/cmsudf.c. |
54 | + - debian/patches/CVE-2018-18508-2.patch: add null checks in |
55 | + nss/lib/smime/cmsmessage.c. |
56 | + - CVE-2018-18508 |
57 | + |
58 | + -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Tue, 19 Feb 2019 12:04:49 +0100 |
59 | + |
60 | +nss (2:3.42-1ubuntu1) disco; urgency=medium |
61 | + |
62 | + * Merge with Debian unstable (LP: #1813593). Remaining changes: |
63 | + - d/libnss3.links: make freebl3 available as library (LP 1744328) |
64 | + - d/control: add dh-exec to Build-Depends |
65 | + - d/rules: make mkdir tolerate debian/tmp existing (due to dh-exec) |
66 | + |
67 | + -- Karl Stenerud <kstenerud@gmail.com> Mon, 04 Feb 2019 11:03:32 +0100 |
68 | + |
69 | nss (2:3.42-1) unstable; urgency=medium |
70 | |
71 | * New upstream release. |
72 | @@ -71,6 +120,18 @@ nss (2:3.40-1) unstable; urgency=medium |
73 | |
74 | -- Mike Hommey <glandium@debian.org> Fri, 02 Nov 2018 14:44:19 +0900 |
75 | |
76 | +nss (2:3.39-1ubuntu1) disco; urgency=medium |
77 | + |
78 | + * Merge with Debian unstable. Remaining changes (LP: #1803707): |
79 | + - d/libnss3.links: make freebl3 available as library (LP 1744328) |
80 | + - d/control: add dh-exec to Build-Depends |
81 | + - d/rules: make mkdir tolerate debian/tmp existing (due to dh-exec) |
82 | + * Dropped changes: |
83 | + - d/rules: when building with -O3 on ppc64el this FTBFS, build with |
84 | + -Wno-error=maybe-uninitialized to avoid that |
85 | + |
86 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Fri, 16 Nov 2018 14:27:39 +0100 |
87 | + |
88 | nss (2:3.39-1) unstable; urgency=medium |
89 | |
90 | * New upstream release. |
91 | @@ -103,6 +164,23 @@ nss (2:3.37-1) unstable; urgency=medium |
92 | |
93 | -- Mike Hommey <glandium@debian.org> Mon, 14 May 2018 07:15:21 +0900 |
94 | |
95 | +nss (2:3.36.1-1ubuntu1) cosmic; urgency=medium |
96 | + |
97 | + * Merge with Debian unstable. Remaining changes: |
98 | + - d/libnss3.links: make freebl3 available as library (LP 1744328) |
99 | + - d/control: add dh-exec to Build-Depends |
100 | + - d/rules: make mkdir tolerate debian/tmp existing (due to dh-exec) |
101 | + - d/rules: when building with -O3 on ppc64el this FTBFS, build with |
102 | + -Wno-error=maybe-uninitialized to avoid that |
103 | + * Dropped changes: |
104 | + - revert switching to SQL default format (LP: 1746947) Dropping this |
105 | + adresses (LP: #1747411) and effectively means we now switch to the new |
106 | + default format after we ensured all depending packages are ready. |
107 | + * Added changes: |
108 | + - d/rules: extended the FTBFS to -O3 on ppc64el to only apply on ppc64el |
109 | + |
110 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 07 May 2018 17:08:46 +0200 |
111 | + |
112 | nss (2:3.36.1-1) unstable; urgency=medium |
113 | |
114 | * New upstream release. |
115 | @@ -116,6 +194,25 @@ nss (2:3.36-1) unstable; urgency=medium |
116 | |
117 | -- Mike Hommey <glandium@debian.org> Sun, 08 Apr 2018 06:53:15 +0900 |
118 | |
119 | +nss (2:3.35-2ubuntu2) bionic; urgency=medium |
120 | + |
121 | + * d/p/lp1746947-revert-switch-default-to-sql.patch: the switch of the |
122 | + default is still causing too much issues in consumers of nss. |
123 | + So until resolved revert the switched default (LP: #1746947) |
124 | + |
125 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 05 Feb 2018 11:36:07 +0100 |
126 | + |
127 | +nss (2:3.35-2ubuntu1) bionic; urgency=medium |
128 | + |
129 | + * Merge with Debian unstable. Remaining changes: |
130 | + - When building with -O3, build with -Wno-error=maybe-uninitialized. |
131 | + * Added Changes: |
132 | + - d/libnss3.links: make freebl3 available as library (LP: #1744328) |
133 | + + d/control: add dh-exec to Build-Depends |
134 | + + d/rules: make mkdir tolerate debian/tmp existing (due to dh-exec) |
135 | + |
136 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 30 Jan 2018 14:04:20 +0100 |
137 | + |
138 | nss (2:3.35-2) unstable; urgency=medium |
139 | |
140 | * nss/lib/freebl/Makefile: Build Hacl_Poly1305_64.o on arm64. |
141 | @@ -134,6 +231,13 @@ nss (2:3.34.1-1) unstable; urgency=medium |
142 | |
143 | -- Mike Hommey <glandium@debian.org> Fri, 05 Jan 2018 20:15:40 +0900 |
144 | |
145 | +nss (2:3.34-1ubuntu1) bionic; urgency=medium |
146 | + |
147 | + * Merge with Debian; remaining changes: |
148 | + - When building with -O3, build with -Wno-error=maybe-uninitialized. |
149 | + |
150 | + -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Thu, 14 Dec 2017 09:18:47 -0500 |
151 | + |
152 | nss (2:3.34-1) unstable; urgency=medium |
153 | |
154 | * New upstream release: |
155 | @@ -158,6 +262,28 @@ nss (2:3.32-2) unstable; urgency=medium |
156 | |
157 | -- Mike Hommey <glandium@debian.org> Mon, 28 Aug 2017 07:39:59 +0900 |
158 | |
159 | +nss (2:3.32-1ubuntu3) artful; urgency=medium |
160 | + |
161 | + * SECURITY UPDATE: Use-after-free in TLS 1.2 generating handshake hashes |
162 | + - debian/patches/CVE-2017-7805.patch: Simplify handling of |
163 | + CertificateVerify in nss/lib/ssl/ssl3con.c, nss/lib/ssl/ssl3prot.h. |
164 | + - CVE-2017-7805 |
165 | + |
166 | + -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Fri, 29 Sep 2017 12:17:39 -0400 |
167 | + |
168 | +nss (2:3.32-1ubuntu2) artful; urgency=medium |
169 | + |
170 | + * Initialise curve variable in a test file, resolves FTBFS. |
171 | + |
172 | + -- Dimitri John Ledkov <xnox@ubuntu.com> Thu, 24 Aug 2017 07:21:27 -0400 |
173 | + |
174 | +nss (2:3.32-1ubuntu1) artful; urgency=medium |
175 | + |
176 | + * Merge with Debian; remaining changes: |
177 | + - When building with -O3, build with -Wno-error=maybe-uninitialized. |
178 | + |
179 | + -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Wed, 23 Aug 2017 13:09:20 -0400 |
180 | + |
181 | nss (2:3.32-1) unstable; urgency=medium |
182 | |
183 | * New upstream release. |
184 | @@ -217,6 +343,39 @@ nss (2:3.27.1-1) experimental; urgency=medium |
185 | |
186 | -- Mike Hommey <glandium@debian.org> Sat, 19 Nov 2016 08:29:17 +0900 |
187 | |
188 | +nss (2:3.28.4-0ubuntu2) artful; urgency=medium |
189 | + |
190 | + * SECURITY UPDATE: DoS via empty SSLv2 messages |
191 | + - debian/patches/CVE-2017-7502.patch: reject broken v2 records in |
192 | + nss/lib/ssl/ssl3gthr.c, nss/lib/ssl/ssldef.c, nss/lib/ssl/sslimpl.h, |
193 | + added tests to nss/gtests/ssl_gtest/ssl_gather_unittest.cc, |
194 | + nss/gtests/ssl_gtest/ssl_gtest.gyp, nss/gtests/ssl_gtest/manifest.mn, |
195 | + nss/gtests/ssl_gtest/ssl_v2_client_hello_unittest.cc. |
196 | + - CVE-2017-7502 |
197 | + |
198 | + -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Fri, 16 Jun 2017 08:12:38 -0400 |
199 | + |
200 | +nss (2:3.28.4-0ubuntu1) artful; urgency=medium |
201 | + |
202 | + * Updated to upstream 3.28.4 to fix security issues and get a new CA |
203 | + certificate bundle. |
204 | + * SECURITY UPDATE: DES and Triple DES ciphers birthday attack |
205 | + - CVE-2016-2183 |
206 | + * SECURITY UPDATE: out-of-bounds write in Base64 decoding |
207 | + - CVE-2017-5461 |
208 | + * debian/patches/*.patch: refreshed for new version. |
209 | + * debian/control: bump libnspr4-dev to 4.13.1. |
210 | + * debian/libnss3.symbols: added new symbols. |
211 | + |
212 | + -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Thu, 27 Apr 2017 13:13:44 -0400 |
213 | + |
214 | +nss (2:3.26.2-1ubuntu1) zesty; urgency=medium |
215 | + |
216 | + * Merge with Debian; remaining changes: |
217 | + - When building with -O3, build with -Wno-error=maybe-uninitialized. |
218 | + |
219 | + -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Fri, 02 Dec 2016 08:48:03 -0500 |
220 | + |
221 | nss (2:3.26.2-1) unstable; urgency=medium |
222 | |
223 | * New upstream release. |
224 | @@ -230,6 +389,13 @@ nss (2:3.26-2) unstable; urgency=medium |
225 | |
226 | -- Mike Hommey <glandium@debian.org> Wed, 21 Sep 2016 10:02:23 +0900 |
227 | |
228 | +nss (2:3.26-1ubuntu1) yakkety; urgency=medium |
229 | + |
230 | + * Merge with Debian; remaining changes: |
231 | + - When building with -O3, build with -Wno-error=maybe-uninitialized. |
232 | + |
233 | + -- Matthias Klose <doko@ubuntu.com> Tue, 06 Sep 2016 14:39:56 +0200 |
234 | + |
235 | nss (2:3.26-1) unstable; urgency=medium |
236 | |
237 | * New upstream release. |
238 | @@ -244,6 +410,12 @@ nss (2:3.26-1) unstable; urgency=medium |
239 | |
240 | -- Mike Hommey <glandium@debian.org> Tue, 16 Aug 2016 16:33:15 +0900 |
241 | |
242 | +nss (2:3.25-1ubuntu1) yakkety; urgency=medium |
243 | + |
244 | + * When building with -O3, build with -Wno-error=maybe-uninitialized. |
245 | + |
246 | + -- Matthias Klose <doko@ubuntu.com> Thu, 04 Aug 2016 11:36:54 +0200 |
247 | + |
248 | nss (2:3.25-1) unstable; urgency=medium |
249 | |
250 | * New upstream release. |
251 | @@ -275,6 +447,7 @@ nss (2:3.21-1.1) unstable; urgency=medium |
252 | * Fix FTBFS on hppa. Closes: #808990 |
253 | |
254 | -- Adam Borowski <kilobyte@angband.pl> Sun, 14 Feb 2016 14:46:40 +0100 |
255 | + |
256 | nss (2:3.21-1) unstable; urgency=medium |
257 | |
258 | * New upstream release. |
259 | diff --git a/debian/control b/debian/control |
260 | index 90afcdc..54c1ae6 100644 |
261 | --- a/debian/control |
262 | +++ b/debian/control |
263 | @@ -1,9 +1,11 @@ |
264 | Source: nss |
265 | Section: libs |
266 | Priority: optional |
267 | -Maintainer: Maintainers of Mozilla-related packages <team+pkg-mozilla@tracker.debian.org> |
268 | +Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com> |
269 | +XSBC-Original-Maintainer: Maintainers of Mozilla-related packages <team+pkg-mozilla@tracker.debian.org> |
270 | Uploaders: Mike Hommey <glandium@debian.org> |
271 | Build-Depends: debhelper (>= 9.20160403), |
272 | + dh-exec, |
273 | dpkg-dev (>= 1.17.14), |
274 | libnspr4-dev (>= 2:4.12), |
275 | zlib1g-dev, |
276 | diff --git a/debian/libnss3.links b/debian/libnss3.links |
277 | new file mode 100755 |
278 | index 0000000..717ff94 |
279 | --- /dev/null |
280 | +++ b/debian/libnss3.links |
281 | @@ -0,0 +1,3 @@ |
282 | +#!/usr/bin/dh-exec |
283 | +usr/lib/${DEB_HOST_MULTIARCH}/nss/libfreebl3.so usr/lib/${DEB_HOST_MULTIARCH}/libfreebl3.so |
284 | +usr/lib/${DEB_HOST_MULTIARCH}/nss/libfreeblpriv3.so usr/lib/${DEB_HOST_MULTIARCH}/libfreeblpriv3.so |
285 | diff --git a/debian/patches/disable_fips_enabled_read.patch b/debian/patches/disable_fips_enabled_read.patch |
286 | new file mode 100644 |
287 | index 0000000..7a87954 |
288 | --- /dev/null |
289 | +++ b/debian/patches/disable_fips_enabled_read.patch |
290 | @@ -0,0 +1,49 @@ |
291 | +commit 16996a9156c9ff2924bdb19ff43d40617a41c912 |
292 | +Author: Vineetha Kamath <vineetha.hari.pai@canonical.com> |
293 | +Date: Tue Jul 23 15:32:32 2019 -0400 |
294 | + |
295 | +From: Vineetha Kamath<vineetha.hari.pai@canonical.com> |
296 | +Decription: Disable libgcrypt reading /proc/sys/crypto/fips_enabled |
297 | +file and going into FIPS mode. libnss is not a FIPS |
298 | +certified library. |
299 | +Bug-Ubuntu: http://bugs.launchpad.net/bugs/1837734 |
300 | +Forwarded: not-needed |
301 | + |
302 | +diff --git a/nss/lib/freebl/nsslowhash.c b/nss/lib/freebl/nsslowhash.c |
303 | +index 22f9781..8433377 100644 |
304 | +--- a/nss/lib/freebl/nsslowhash.c |
305 | ++++ b/nss/lib/freebl/nsslowhash.c |
306 | +@@ -27,11 +27,13 @@ static int |
307 | + nsslow_GetFIPSEnabled(void) |
308 | + { |
309 | + #ifdef LINUX |
310 | +- FILE *f; |
311 | ++ FILE *f = NULL; |
312 | + char d; |
313 | + size_t size; |
314 | + |
315 | ++#if 0 |
316 | + f = fopen("/proc/sys/crypto/fips_enabled", "r"); |
317 | ++#endif |
318 | + if (!f) |
319 | + return 0; |
320 | + |
321 | +diff --git a/nss/lib/sysinit/nsssysinit.c b/nss/lib/sysinit/nsssysinit.c |
322 | +index bd0fac2..81f9b17 100644 |
323 | +--- a/nss/lib/sysinit/nsssysinit.c |
324 | ++++ b/nss/lib/sysinit/nsssysinit.c |
325 | +@@ -168,11 +168,13 @@ getFIPSEnv(void) |
326 | + static PRBool |
327 | + getFIPSMode(void) |
328 | + { |
329 | +- FILE *f; |
330 | ++ FILE *f = NULL; |
331 | + char d; |
332 | + size_t size; |
333 | + |
334 | ++#if 0 |
335 | + f = fopen("/proc/sys/crypto/fips_enabled", "r"); |
336 | ++#endif |
337 | + if (!f) { |
338 | + /* if we don't have a proc flag, fall back to the |
339 | + * environment variable */ |
340 | diff --git a/debian/patches/series b/debian/patches/series |
341 | index c1bd63f..3f8bf6a 100644 |
342 | --- a/debian/patches/series |
343 | +++ b/debian/patches/series |
344 | @@ -2,3 +2,4 @@ |
345 | 80_security_tools.patch |
346 | 85_security_load.patch |
347 | 38_hppa.patch |
348 | +disable_fips_enabled_read.patch |
349 | diff --git a/debian/rules b/debian/rules |
350 | index ec951d3..b4c7302 100755 |
351 | --- a/debian/rules |
352 | +++ b/debian/rules |
353 | @@ -175,7 +175,7 @@ override_dh_strip: |
354 | |
355 | ifeq ($(DEB_HOST_ARCH),$(DEB_BUILD_ARCH)) |
356 | # Check FIPS mode correctly works |
357 | - mkdir debian/tmp |
358 | + mkdir -p debian/tmp |
359 | LD_LIBRARY_PATH=debian/libnss3/usr/lib/$(DEB_HOST_MULTIARCH):debian/libnss3/usr/lib/$(DEB_HOST_MULTIARCH)/nss debian/libnss3-tools/usr/bin/modutil -create -dbdir debian/tmp < /dev/null |
360 | LD_LIBRARY_PATH=debian/libnss3/usr/lib/$(DEB_HOST_MULTIARCH):debian/libnss3/usr/lib/$(DEB_HOST_MULTIARCH)/nss debian/libnss3-tools/usr/bin/modutil -fips true -dbdir debian/tmp < /dev/null |
361 | endif |
The package builds fine and it was uploaded to this PPA: https:/ /launchpad. net/~lucaskanas hiro/+archive/ ubuntu/ focal-nss- merge/