projects / buildroot.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 7e1f317) | patch
libnss: security bump to version 3.30.2
authorBaruch Siach <baruch@tkos.co.il>
Thu, 20 Apr 2017 17:34:29 +0000 (20:34 +0300)
committerThomas Petazzoni <thomas.petazzoni@free-electrons.com>
Thu, 20 Apr 2017 19:53:00 +0000 (21:53 +0200)
commit09b8e1079ec97d9843430930414a95ac8450a652
treeaa58fd846c26de08d4f7a3b890d772ff9e527de6tree
parent7e1f3171ac98dd25d5e656a888bcff046353087dcommit | diff
libnss: security bump to version 3.30.2

CVE-2017-5461 - Out-of-bounds write in Base64 encoding in NSS. Might cause
remote arbitrary code execution
(https://access.redhat.com/errata/RHSA-2017:1100).

CVE-2017-5462 - DRBG flaw in NSS

Drop 0001-cross-compile.patch and TARGET* variables. Upstream Makefile now
allows override of CC, so use TARGET_CONFIGURE_OPTS instead.

Drop upstream 0003-it-uninitialized-fix.patch.

Renumber the remaining patch.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
package/libnss/0001-cross-compile.patch [deleted file] blob | history
package/libnss/0001-uclibc.patch [new file with mode: 0644] blob
package/libnss/0002-uclibc.patch [deleted file] blob | history
package/libnss/0003-it-uninitialized-fix.patch [deleted file] blob | history
package/libnss/libnss.hash diff | blob | history
package/libnss/libnss.mk diff | blob | history