new file mode 100644
@@ -0,0 +1,51 @@
+From 4e7e332b25a2794f381323518e52d8d95273b69e Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Franti=C5=A1ek=20Kren=C5=BEelok?= <fkrenzel@redhat.com>
+Date: Mon, 30 Jan 2023 12:59:20 +0000
+Subject: [PATCH] Bug 1812671 - build failure while implicitly casting
+ SECStatus to PRUInt32. r=nss-reviewers,mt
+
+Author of the patch: Bob Relyea <rrelyea@redhat.com>
+
+Differential Revision: https://phabricator.services.mozilla.com/D167983
+
+Upstream-Status: Backport
+Link: https://github.com/nss-dev/nss/commit/4e7e332b25a2794f381323518e52d8d95273b69e
+
+Signed-off-by: Jack Mitchell <ml@embed.me.uk>
+
+--HG--
+extra : moz-landing-system : lando
+---
+ lib/ssl/ssl3exthandle.c | 2 +-
+ lib/ssl/sslsnce.c | 2 +-
+ 2 files changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/lib/ssl/ssl3exthandle.c b/lib/ssl/ssl3exthandle.c
+index b5ae62f39..7134447bf 100644
+--- a/lib/ssl/ssl3exthandle.c
++++ b/lib/ssl/ssl3exthandle.c
+@@ -201,7 +201,7 @@ ssl3_FreeSniNameArray(TLSExtensionData *xtnData)
+ * Clients sends a filled in session ticket if one is available, and otherwise
+ * sends an empty ticket. Servers always send empty tickets.
+ */
+-PRInt32
++SECStatus
+ ssl3_ClientSendSessionTicketXtn(const sslSocket *ss, TLSExtensionData *xtnData,
+ sslBuffer *buf, PRBool *added)
+ {
+diff --git a/lib/ssl/sslsnce.c b/lib/ssl/sslsnce.c
+index 56edafa1f..49f041c97 100644
+--- a/lib/ssl/sslsnce.c
++++ b/lib/ssl/sslsnce.c
+@@ -1820,7 +1820,7 @@ ssl_GetSelfEncryptKeyPair(SECKEYPublicKey **pubKey,
+ return SECSuccess;
+ }
+
+-static PRBool
++static SECStatus
+ ssl_GenerateSelfEncryptKeys(void *pwArg, PRUint8 *keyName,
+ PK11SymKey **aesKey, PK11SymKey **macKey);
+
+--
+2.40.1
+
new file mode 100644
@@ -0,0 +1,80 @@
+From cbf5a2bce75ca2c2fd3e247796b9892f5298584e Mon Sep 17 00:00:00 2001
+From: "John M. Schanck" <jschanck@mozilla.com>
+Date: Thu, 13 Apr 2023 17:43:46 +0000
+Subject: [PATCH] Bug 1826650 - cmd/ecperf: fix dangling pointer warning on gcc
+ 13. r=djackson
+
+Differential Revision: https://phabricator.services.mozilla.com/D174822
+
+Upstream-Status: Backport
+Link: https://github.com/nss-dev/nss/commit/cbf5a2bce75ca2c2fd3e247796b9892f5298584e
+
+Signed-off-by: Jack Mitchell <ml@embed.me.uk>
+
+--HG--
+extra : moz-landing-system : lando
+---
+ cmd/ecperf/ecperf.c | 12 ++++++++++++
+ 1 file changed, 12 insertions(+)
+
+diff --git a/cmd/ecperf/ecperf.c b/cmd/ecperf/ecperf.c
+index 705d68f35..a07004d8e 100644
+--- a/cmd/ecperf/ecperf.c
++++ b/cmd/ecperf/ecperf.c
+@@ -53,6 +53,7 @@ PKCS11Thread(void *data)
+ SECItem sig;
+ CK_SESSION_HANDLE session;
+ CK_RV crv;
++ void *tmp = NULL;
+
+ threadData->status = SECSuccess;
+ threadData->count = 0;
+@@ -68,6 +69,7 @@ PKCS11Thread(void *data)
+ if (threadData->isSign) {
+ sig.data = sigData;
+ sig.len = sizeof(sigData);
++ tmp = threadData->p2;
+ threadData->p2 = (void *)&sig;
+ }
+
+@@ -79,6 +81,10 @@ PKCS11Thread(void *data)
+ }
+ threadData->count++;
+ }
++
++ if (threadData->isSign) {
++ threadData->p2 = tmp;
++ }
+ return;
+ }
+
+@@ -89,6 +95,7 @@ genericThread(void *data)
+ int iters = threadData->iters;
+ unsigned char sigData[256];
+ SECItem sig;
++ void *tmp = NULL;
+
+ threadData->status = SECSuccess;
+ threadData->count = 0;
+@@ -96,6 +103,7 @@ genericThread(void *data)
+ if (threadData->isSign) {
+ sig.data = sigData;
+ sig.len = sizeof(sigData);
++ tmp = threadData->p2;
+ threadData->p2 = (void *)&sig;
+ }
+
+@@ -107,6 +115,10 @@ genericThread(void *data)
+ }
+ threadData->count++;
+ }
++
++ if (threadData->isSign) {
++ threadData->p2 = tmp;
++ }
+ return;
+ }
+
+--
+2.40.1
+
@@ -43,6 +43,8 @@ SRC_URI = "http://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/${VERSIO
file://CVE-2021-43527.patch \
file://CVE-2022-22747.patch \
file://CVE-2023-0767.patch \
+ file://0001-Bug-1812671-build-failure-while-implicitly-casting-S.patch;patchdir=nss \
+ file://0001-Bug-1826650-cmd-ecperf-fix-dangling-pointer-warning-.patch;patchdir=nss \
"
SRC_URI[md5sum] = "6acaf1ddff69306ae30a908881c6f233"
Signed-off-by: Jack Mitchell <ml@embed.me.uk> --- ...d-failure-while-implicitly-casting-S.patch | 51 ++++++++++++ ...ecperf-fix-dangling-pointer-warning-.patch | 80 +++++++++++++++++++ meta-oe/recipes-support/nss/nss_3.51.1.bb | 2 + 3 files changed, 133 insertions(+) create mode 100644 meta-oe/recipes-support/nss/nss/0001-Bug-1812671-build-failure-while-implicitly-casting-S.patch create mode 100644 meta-oe/recipes-support/nss/nss/0001-Bug-1826650-cmd-ecperf-fix-dangling-pointer-warning-.patch