libnss: security bump to version 3.39

Fixes the following security issue:

CVE-2018-12384: NSS responded to an SSLv2-compatible ClientHello with a
ServerHello that had an all-zero random.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This commit is contained in:
Peter Korsgaard 2018-11-13 00:02:41 +01:00
parent 56825a6518
commit 1c32e4c298
2 changed files with 3 additions and 3 deletions

View File

@ -1,4 +1,4 @@
# From https://ftp.mozilla.org/pub/security/nss/releases/NSS_3_38_RTM/src/SHA256SUMS
sha256 2c643d3c08d6935f4d325f40743719b6990aa25a79ec2f8f712c99d086672f62 nss-3.38.tar.gz
# From https://ftp.mozilla.org/pub/security/nss/releases/NSS_3_39_RTM/src/SHA256SUMS
sha256 6be64dd76f212415cc8bc34343ac1e7389048db4db9a023a84873c411dc5864b nss-3.39.tar.gz
# Locally calculated
sha256 a20c1a32d1f8102432360b42e932869f7c11c7cdbacf9cac554c422132af47f4 nss/COPYING

View File

@ -4,7 +4,7 @@
#
################################################################################
LIBNSS_VERSION = 3.38
LIBNSS_VERSION = 3.39
LIBNSS_SOURCE = nss-$(LIBNSS_VERSION).tar.gz
LIBNSS_SITE = https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_$(subst .,_,$(LIBNSS_VERSION))_RTM/src
LIBNSS_DISTDIR = dist