Commit Graph

14 Commits

Author SHA1 Message Date
Baruch Siach
b39e6dbed1 libnss: bump to version 3.31
Fixes build with gcc 7.

https://hg.mozilla.org/projects/nss/rev/0dca14409fef

Fixes:
http://autobuild.buildroot.net/results/b71/b71e4e003ec5753708a07cfd04e3025c93f80e67/
http://autobuild.buildroot.net/results/66d/66d31923824d34df3b20a363a1346df1c00ae222/

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-06-15 22:05:35 +02:00
Baruch Siach
09b8e1079e libnss: security bump to version 3.30.2
CVE-2017-5461 - Out-of-bounds write in Base64 encoding in NSS. Might cause
remote arbitrary code execution
(https://access.redhat.com/errata/RHSA-2017:1100).

CVE-2017-5462 - DRBG flaw in NSS

Drop 0001-cross-compile.patch and TARGET* variables. Upstream Makefile now
allows override of CC, so use TARGET_CONFIGURE_OPTS instead.

Drop upstream 0003-it-uninitialized-fix.patch.

Renumber the remaining patch.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-04-20 21:53:00 +02:00
Peter Korsgaard
f4a470ecad libnss: bump to version 3.27.2
Fixes a memory leak in SSL_SetTrustAnchors():
https://bugzilla.mozilla.org/show_bug.cgi?id=1318561

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-01-09 17:18:04 +01:00
Gustavo Zacarias
3ccdc270ee libnss: bump to version 3.27.1
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-10-13 08:04:33 +02:00
Gustavo Zacarias
ab61031a34 nss: security bump to version 3.23
Fixes:
CVE-2016-1950 - Fixed a heap-based buffer overflow related to the
parsing of certain ASN.1 structures. An attacker could create a
specially-crafted certificate which, when parsed by NSS, would cause a
crash or execution of arbitrary code with the permissions of the user.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-03-31 03:43:58 +02:00
Gustavo Zacarias
09f0b8c353 libnss: security bump to version 3.22.2
Fixes:
CVE-2016-1950 - heap-based buffer overflow related to the parsing of
certain ASN.1 structures. An attacker could create a specially-crafted
certificate which, when parsed by NSS, would cause a crash or execution
of arbitrary code with the permissions of the user.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-03-09 13:14:13 +01:00
Gustavo Zacarias
6b63783daf libnss: bump to version 4.22.1
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-02-24 22:14:44 +01:00
Gustavo Zacarias
c0e48bb721 libnss: bump to version 3.21
Disable gtests since they require C++ support.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2015-11-21 09:30:37 +01:00
Gustavo Zacarias
513908ba8f libnss: bump to version 3.20
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Reviewed-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Tested-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2015-10-03 15:14:32 +02:00
Gustavo Zacarias
6d52d92319 libnss: security bump to version 3.19.2
Fixes:
CVE-2015-2730, CVE-2015-2721, and probably others.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2015-07-18 11:33:29 +02:00
Gustavo Zacarias
cc6be50e07 libnss: bump to version 3.17.4
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2015-02-17 14:03:08 +01:00
Gustavo Zacarias
6efc256a77 libnss: security bump to version 3.17.3
Fixes CVE-2014-1569 - The definite_length_decoder function in
lib/util/quickder.c in Mozilla Network Security Services (NSS) before
3.16.2.4 and 3.17.x before 3.17.3 does not ensure that the DER encoding
of an ASN.1 length is properly formed, which allows remote attackers to
conduct data-smuggling attacks by using a long byte sequence for an
encoding.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2014-12-16 23:48:32 +01:00
Gustavo Zacarias
e5ca8de85e libnss: bump to version 3.17.2
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2014-10-14 17:27:46 +02:00
Gustavo Zacarias
0901d9049e libnss: security bump to version 3.17.1
Fixes CVE-2014-1568 RSA signature forgery attack.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2014-09-25 21:41:07 +02:00