746502418f
Fixes CVE-2017-7805 - Martin Thomson discovered that nss, the Mozilla Network Security Service library, is prone to a use-after-free vulnerability in the TLS 1.2 implementation when handshake hashes are generated. A remote attacker can take advantage of this flaw to cause an application using the nss library to crash, resulting in a denial of service, or potentially to execute arbitrary code. Also add a hash for the license file while we're at it. Signed-off-by: Peter Korsgaard <peter@korsgaard.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> |
||
|---|---|---|
| .. | ||
| 0001-uclibc.patch | ||
| Config.in | ||
| libnss.hash | ||
| libnss.mk | ||
| nss.pc.in | ||