Home Explore Help
Register Sign In
PUBLIC_REPOS
/
buildroot
mirror of git://git.buildroot.net/buildroot
2
1
Fork 0
Files
Browse Source

package/libnss: security bump to version 3.68.1

Fixes the following security issue:

- CVE-2021-43527: Heap overflow in NSS when verifying DSA/RSA-PSS
  DER-encoded signatures

For more details, see the advisory:
https://www.mozilla.org/en-US/security/advisories/mfsa2021-51/

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard 3 years ago
parent
531fbbd645
commit
bad5728c98
2 changed files with 3 additions and 3 deletions
Unified View Show Diff Stats
  1. 2 2
      package/libnss/libnss.hash
  2. 1 1
      package/libnss/libnss.mk

+ 2 - 2
package/libnss/libnss.hash
View File 

@@ -1,4 +1,4 @@
 
-# From https://ftp.mozilla.org/pub/security/nss/releases/NSS_3_68_RTM/src/SHA256SUMS
 
-sha256  c402b32cac83034ec1c3d826ef4306cd14a066d7d9a6f4c30d82b3bc043c725b  nss-3.68.tar.gz
 
+# From https://ftp.mozilla.org/pub/security/nss/releases/NSS_3_68_1_RTM/src/SHA256SUMS
 
+sha256  d0b38f7c3f146211aacc5d55fb6383abcc11a4d7ca6a36be7cbceaaed2a9ea3b  nss-3.68.1.tar.gz
 
 # Locally calculated
 
 # Locally calculated
 
 sha256  a20c1a32d1f8102432360b42e932869f7c11c7cdbacf9cac554c422132af47f4  nss/COPYING
 
 sha256  a20c1a32d1f8102432360b42e932869f7c11c7cdbacf9cac554c422132af47f4  nss/COPYING

+ 1 - 1
package/libnss/libnss.mk
View File 

@@ -4,7 +4,7 @@
 
 #
 
 #
 
 ################################################################################
 
 ################################################################################
 
 
 
-LIBNSS_VERSION = 3.68
 
+LIBNSS_VERSION = 3.68.1
 
 LIBNSS_SOURCE = nss-$(LIBNSS_VERSION).tar.gz
 
 LIBNSS_SOURCE = nss-$(LIBNSS_VERSION).tar.gz
 
 LIBNSS_SITE = https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_$(subst .,_,$(LIBNSS_VERSION))_RTM/src
 
 LIBNSS_SITE = https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_$(subst .,_,$(LIBNSS_VERSION))_RTM/src
 
 LIBNSS_DISTDIR = dist
 
 LIBNSS_DISTDIR = dist