diff options
author | Gustavo Zacarias <gustavo@zacarias.com.ar> | 2016-03-09 08:41:20 -0300 |
---|---|---|
committer | Peter Korsgaard <peter@korsgaard.com> | 2016-03-09 13:14:13 +0100 |
commit | 09f0b8c353d6b7886dd5cab3deee0cc9625b6eed (patch) | |
tree | b88c635819dba0273f35be45189f4c8cc0008267 /package/libnss | |
parent | c6e635735dee76f7103f3e30f68e4f2cbf1d1226 (diff) |
libnss: security bump to version 3.22.2
Fixes:
CVE-2016-1950 - heap-based buffer overflow related to the parsing of
certain ASN.1 structures. An attacker could create a specially-crafted
certificate which, when parsed by NSS, would cause a crash or execution
of arbitrary code with the permissions of the user.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Diffstat (limited to 'package/libnss')
-rw-r--r-- | package/libnss/libnss.hash | 4 | ||||
-rw-r--r-- | package/libnss/libnss.mk | 2 |
2 files changed, 3 insertions, 3 deletions
diff --git a/package/libnss/libnss.hash b/package/libnss/libnss.hash index 6e4d330f4..143e1d872 100644 --- a/package/libnss/libnss.hash +++ b/package/libnss/libnss.hash @@ -1,2 +1,2 @@ -# From https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_22_1_RTM/src/SHA256SUMS -sha256 89e1fc7074e5c325962821289f4cd7d8207ae95af2308ba881215ed9ca68fa4f nss-3.22.1.tar.gz +# From https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_22_2_RTM/src/SHA256SUMS +sha256 07d49287c527ac31200f02dcf8494cef19e936d8ed470802749c4dfc782d3650 nss-3.22.2.tar.gz diff --git a/package/libnss/libnss.mk b/package/libnss/libnss.mk index c474f61f2..18dc62cb0 100644 --- a/package/libnss/libnss.mk +++ b/package/libnss/libnss.mk @@ -4,7 +4,7 @@ # ################################################################################ -LIBNSS_VERSION = 3.22.1 +LIBNSS_VERSION = 3.22.2 LIBNSS_SOURCE = nss-$(LIBNSS_VERSION).tar.gz LIBNSS_SITE = https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_$(subst .,_,$(LIBNSS_VERSION))_RTM/src LIBNSS_DISTDIR = dist |