nss, nss-util, nss-softokn, and nspr security update

nspr
[4.9.5-2]

• Update to NSPR_4_9_5_RTM
• Resolves: rhbz#927186 - Rebase to nspr-4.9.5
• Add upstream URL for an existing patch per packaging guidelines
  [4.9.5-1]
• Resolves: Rebase to nspr-4.9.5
  [4.9.2-1]
• Update to nspr-4.9.2
• Related: rhbz#863286
  nss
  [3.14.3-4.0.1.el6_4]
• Added nss-vendor.patch to change vendor
  [3.14.3-4]
• Revert to accepting MD5 on digital signatures by default
• Resolves: rhbz#957603 - nss 3.14 - MD5 hash algorithm disabled
  [3.14.3-3]
• Ensure pem uses system freebl as with this update freebl brings in new API’s
• Resolves: rhbz#927157 - [RFE][RHEL6] Rebase to nss-3.14.3 to fix the lucky-13 issue
  [3.14.3-2]
• Install sechash.h and secmodt.h which are now provided by nss-devel
• Resolves: rhbz#927157 - [RFE][RHEL6] Rebase to nss-3.14.3 to fix the lucky-13 issue
• Remove unsafe -r option from commands that remove headers already shipped by nss-util and nss-softoken
  [3.14.3-1]
• Update to NSS_3.14.3_RTM
• Resolves: rhbz#927157 - [RFE][RHEL6] Rebase to nss-3.14.3 to fix the lucky-13 issue
• Update expired test certificates (fixed in upstream bug 852781)
• Sync up pem module’s rsawrapr.c with softoken’s upstream changes for nss-3.14.3
• Reactivate the aia tests
  nss-softokn
  [3.14.3-3]
• Add patch to conditionally compile according to old or new sqlite api
• new is used on rhel-6 while rhel-5 uses old but we need the same code for both
• Resolves: rhbz#927158 - Rebase to nss-softokn 3.14.3 to fix the lucky-13 issue
  [3.14.3-2]
• Revert to using a code patch for relro support
• Related: rhbz#927158
  [3.14.3-1]
• Update to NSS_3_14_3_RTM
• Resolves: rhbz#927158 - Rebase to nss-softokn 3.14.3 to fix the lucky-13 issue
• Add export LD_LIBRARY_PATH=//usr/lib before the signing commands in __spec_install_post scriplet
  to ensure signing tool links with in-tree freebl so verification uses same algorithm as in signing
• Add %check section to run the upstream crypto reqression test suite as per packaging guidelines
• Don’t install sechash.h or secmodt.h which as per 3.14 are provided by nss-devel
• Update the licence to MPLv2.0
  [3.12.9-12]
• Bootstrapping of the builroot in preparation for rebase to 3.14.3
• Remove hasht.h from the %files devel list to prevent update conflicts with nss-util
• With 3.14.3 hasht.h will be provided by nss-util-devel
• Related: rhbz#927158 - rebase nss-softokn to 3.14.3
  nss-util
  [3.14.3-3]
• Resolves: rhbz#984967 - nssutil_ReadSecmodDB leaks memory
  [3.14.3-2]
• Revert to accepting MD5 on digital signatures by default
• Resolves: rhbz#957603 - nss 3.14 - MD5 hash algorithm disabled
  [3.14.3-1]
• Update to NSS_3_14_3_RTM
• Resolves: rhbz#927171 - Rebase to 3.14.3 as part of the fix for the lucky-13 issue