diff options
author | Patrick J Volkerding <volkerdi@slackware.com> | 2023-01-07 01:50:00 +0000 |
---|---|---|
committer | Eric Hameleers <alien@slackware.com> | 2023-01-07 03:33:34 +0100 |
commit | 34e6259d47376c3e767368d52f9aa20eafa49951 (patch) | |
tree | bc6b66ee8a2bdb7f90d44178f020f9d1b6180a95 /source/l/mozilla-nss | |
parent | b646b608f565430ef403ed0561b83845f48ae8f8 (diff) | |
download | current-34e6259d47376c3e767368d52f9aa20eafa49951.tar.gz current-34e6259d47376c3e767368d52f9aa20eafa49951.tar.xz |
Sat Jan 7 01:50:00 UTC 202320230107015000
a/btrfs-progs-6.1.2-x86_64-1.txz: Upgraded.
l/mozilla-nss-3.87-x86_64-1.txz: Upgraded.
Fixed memory corruption in NSS via DER-encoded DSA and RSA-PSS signatures.
For more information, see:
https://www.mozilla.org/en-US/security/advisories/mfsa2021-51/
https://www.cve.org/CVERecord?id=CVE-2021-43527
(* Security fix *)
l/nodejs-19.4.0-x86_64-1.txz: Upgraded.
n/php-7.4.33-x86_64-2.txz: Rebuilt.
This update fixes a security issue:
PDO::quote() may return unquoted string.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2022-31631
(* Security fix *)
extra/php80/php80-8.0.27-x86_64-1.txz: Upgraded.
This update fixes a security issue:
PDO::quote() may return unquoted string.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2022-31631
(* Security fix *)
extra/php81/php81-8.1.14-x86_64-1.txz: Upgraded.
This update fixes bugs and a security issue:
PDO::quote() may return unquoted string.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2022-31631
(* Security fix *)
Diffstat (limited to 'source/l/mozilla-nss')
-rw-r--r-- | source/l/mozilla-nss/CVE-2022-3479.patch | 23 | ||||
-rwxr-xr-x | source/l/mozilla-nss/mozilla-nss.SlackBuild | 5 |
2 files changed, 2 insertions, 26 deletions
diff --git a/source/l/mozilla-nss/CVE-2022-3479.patch b/source/l/mozilla-nss/CVE-2022-3479.patch deleted file mode 100644 index 5f80fdc09..000000000 --- a/source/l/mozilla-nss/CVE-2022-3479.patch +++ /dev/null @@ -1,23 +0,0 @@ -diff --git a/lib/ssl/authcert.c b/lib/ssl/authcert.c ---- a/lib/ssl/authcert.c -+++ b/lib/ssl/authcert.c -@@ -212,17 +212,17 @@ NSS_GetClientAuthData(void *arg, - pw_arg); - } else { - int nnames = 0; - char **names = ssl_DistNamesToStrings(caNames, &nnames); - rv = CERT_FilterCertListByCANames(certList, nnames, names, - certUsageSSLClient); - ssl_FreeDistNamesStrings(names, nnames); - } -- if ((rv != SECSuccess) || CERT_LIST_EMPTY(certList)) { -+ if ((rv != SECSuccess) || (certList && CERT_LIST_EMPTY(certList))) { - CERT_DestroyCertList(certList); - certList = NULL; - } - } - if (certList == NULL) { - /* no user certs meeting the nickname/usage requirements found */ - return SECFailure; - } - diff --git a/source/l/mozilla-nss/mozilla-nss.SlackBuild b/source/l/mozilla-nss/mozilla-nss.SlackBuild index 33b0dac82..25934f791 100755 --- a/source/l/mozilla-nss/mozilla-nss.SlackBuild +++ b/source/l/mozilla-nss/mozilla-nss.SlackBuild @@ -1,6 +1,6 @@ #!/bin/bash # Copyright 2005, 2006, 2008, 2009, 2010, 2012 Eric Hameleers, Eindhoven, NL -# Copyright 2013, 2014, 2015, 2017, 2018, 2019, 2020 Patrick J. Volkerding, Sebeka, MN, USA +# Copyright 2013, 2014, 2015, 2017, 2018, 2019, 2020, 2023 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # # Permission to use, copy, modify, and distribute this software for @@ -26,7 +26,7 @@ cd $(dirname $0) ; CWD=$(pwd) PKGNAM=mozilla-nss SRCNAM=nss -VERSION=${VERSION:-3.86} +VERSION=${VERSION:-3.87} NSPR=${NSPR:-4.35} BUILD=${BUILD:-1} @@ -93,7 +93,6 @@ find . \ -exec chmod 644 {} \+ cd nss -zcat $CWD/CVE-2022-3479.patch.gz | patch -p1 --verbose || exit 1 ./build.sh -v $NUMJOBS --opt --system-sqlite --enable-libpkix --disable-tests cd - |