* [Buildroot] [PATCH] nss: security bump to version 3.23
@ 2016-03-30 19:51 Gustavo Zacarias
2016-03-31 1:46 ` Thomas Petazzoni
0 siblings, 1 reply; 2+ messages in thread
From: Gustavo Zacarias @ 2016-03-30 19:51 UTC (permalink / raw)
To: buildroot
Fixes:
CVE-2016-1950 - Fixed a heap-based buffer overflow related to the
parsing of certain ASN.1 structures. An attacker could create a
specially-crafted certificate which, when parsed by NSS, would cause a
crash or execution of arbitrary code with the permissions of the user.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
---
package/libnss/libnss.hash | 4 ++--
package/libnss/libnss.mk | 2 +-
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/package/libnss/libnss.hash b/package/libnss/libnss.hash
index 143e1d8..8e03faf 100644
--- a/package/libnss/libnss.hash
+++ b/package/libnss/libnss.hash
@@ -1,2 +1,2 @@
-# From https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_22_2_RTM/src/SHA256SUMS
-sha256 07d49287c527ac31200f02dcf8494cef19e936d8ed470802749c4dfc782d3650 nss-3.22.2.tar.gz
+# From https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_23_RTM/src/SHA256SUMS
+sha256 94b383e31c9671e9dfcca81084a8a813817e8f05a57f54533509b318d26e11cf nss-3.23.tar.gz
diff --git a/package/libnss/libnss.mk b/package/libnss/libnss.mk
index 18dc62c..e2bbf1f 100644
--- a/package/libnss/libnss.mk
+++ b/package/libnss/libnss.mk
@@ -4,7 +4,7 @@
#
################################################################################
-LIBNSS_VERSION = 3.22.2
+LIBNSS_VERSION = 3.23
LIBNSS_SOURCE = nss-$(LIBNSS_VERSION).tar.gz
LIBNSS_SITE = https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_$(subst .,_,$(LIBNSS_VERSION))_RTM/src
LIBNSS_DISTDIR = dist
--
2.7.3
^ permalink raw reply related [flat|nested] 2+ messages in thread
* [Buildroot] [PATCH] nss: security bump to version 3.23
2016-03-30 19:51 [Buildroot] [PATCH] nss: security bump to version 3.23 Gustavo Zacarias
@ 2016-03-31 1:46 ` Thomas Petazzoni
0 siblings, 0 replies; 2+ messages in thread
From: Thomas Petazzoni @ 2016-03-31 1:46 UTC (permalink / raw)
To: buildroot
Hello,
On Wed, 30 Mar 2016 16:51:07 -0300, Gustavo Zacarias wrote:
> Fixes:
> CVE-2016-1950 - Fixed a heap-based buffer overflow related to the
> parsing of certain ASN.1 structures. An attacker could create a
> specially-crafted certificate which, when parsed by NSS, would cause a
> crash or execution of arbitrary code with the permissions of the user.
>
> Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
> ---
> package/libnss/libnss.hash | 4 ++--
> package/libnss/libnss.mk | 2 +-
> 2 files changed, 3 insertions(+), 3 deletions(-)
Applied to master, thanks.
Thomas
--
Thomas Petazzoni, CTO, Free Electrons
Embedded Linux, Kernel and Android engineering
http://free-electrons.com
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2016-03-31 1:46 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2016-03-30 19:51 [Buildroot] [PATCH] nss: security bump to version 3.23 Gustavo Zacarias
2016-03-31 1:46 ` Thomas Petazzoni
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.