libnss: security bump to version 3.20.1

Fixes:
CVE-2015-7181 - A use-after-poison flaw was found in the way NSS parsed
certain ASN.1 structures. An attacker could use this flaw to cause NSS
to crash or execute arbitrary code with the permissions of the user
running an application compiled against the NSS library.
CVE-2015-7182 - A heap-based buffer overflow flaw was found in the way
NSS parsed certain ASN.1 structures. An attacker could use this flaw to
cause NSS to crash or execute arbitrary code with the permissions of the
user running an application compiled against the NSS library.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

diff --git a/package/libnss/libnss.hash b/package/libnss/libnss.hash
index 9e2478672b66d07c0e7726b999d5c87cccd99084..68f50eaa5be65f6c09f4e3090eb351ccf4530dfa 100644 (file)
--- a/package/libnss/libnss.hash
+++ b/package/libnss/libnss.hash
@@ -1,2 +1,2 @@
-# From https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_20_RTM/src/SHA256SUMS
-sha256 5e38d4b9837ca338af966b97fc91c07f67ad647fb38dc4af3cfd0d84e477d15c        nss-3.20.tar.gz
+# From https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_20_1_RTM/src/SHA256SUMS
+sha256 ad3c8f11dfd9570c2d04a6140d5ef7c2bdd0fe30d6c9e5548721a4251a5e8c97        nss-3.20.1.tar.gz

diff --git a/package/libnss/libnss.mk b/package/libnss/libnss.mk
index f283bb3d3490d001901f55fc27e6cd74bfab1d7f..a15fab214365ece768f4bfc39c3729af7f191d5c 100644 (file)
--- a/package/libnss/libnss.mk
+++ b/package/libnss/libnss.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-LIBNSS_VERSION = 3.20
+LIBNSS_VERSION = 3.20.1
 LIBNSS_SOURCE = nss-$(LIBNSS_VERSION).tar.gz
 LIBNSS_SITE = https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_$(subst .,_,$(LIBNSS_VERSION))_RTM/src
 LIBNSS_DISTDIR = dist