Sat Jan 7 01:50:00 UTC 202320230107015000

a/btrfs-progs-6.1.2-x86_64-1.txz:  Upgraded.
l/mozilla-nss-3.87-x86_64-1.txz:  Upgraded.
  Fixed memory corruption in NSS via DER-encoded DSA and RSA-PSS signatures.
  For more information, see:
    https://www.mozilla.org/en-US/security/advisories/mfsa2021-51/
    https://www.cve.org/CVERecord?id=CVE-2021-43527
  (* Security fix *)
l/nodejs-19.4.0-x86_64-1.txz:  Upgraded.
n/php-7.4.33-x86_64-2.txz:  Rebuilt.
  This update fixes a security issue:
  PDO::quote() may return unquoted string.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2022-31631
  (* Security fix *)
extra/php80/php80-8.0.27-x86_64-1.txz:  Upgraded.
  This update fixes a security issue:
  PDO::quote() may return unquoted string.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2022-31631
  (* Security fix *)
extra/php81/php81-8.1.14-x86_64-1.txz:  Upgraded.
  This update fixes bugs and a security issue:
  PDO::quote() may return unquoted string.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2022-31631
  (* Security fix *)

2 files changed, 2 insertions, 26 deletions

diff --git a/source/l/mozilla-nss/CVE-2022-3479.patch b/source/l/mozilla-nss/CVE-2022-3479.patch
deleted file mode 100644
index 5f80fdc09..000000000
--- a/source/l/mozilla-nss/CVE-2022-3479.patch
+++ /dev/null
@@ -1,23 +0,0 @@
-diff --git a/lib/ssl/authcert.c b/lib/ssl/authcert.c
---- a/lib/ssl/authcert.c
-+++ b/lib/ssl/authcert.c
-@@ -212,17 +212,17 @@ NSS_GetClientAuthData(void *arg,
-                                                pw_arg);
-         } else {
-             int nnames = 0;
-             char **names = ssl_DistNamesToStrings(caNames, &nnames);
-             rv = CERT_FilterCertListByCANames(certList, nnames, names,
-                                               certUsageSSLClient);
-             ssl_FreeDistNamesStrings(names, nnames);
-         }
--        if ((rv != SECSuccess) || CERT_LIST_EMPTY(certList)) {
-+        if ((rv != SECSuccess) || (certList && CERT_LIST_EMPTY(certList))) {
-             CERT_DestroyCertList(certList);
-             certList = NULL;
-         }
-     }
-     if (certList == NULL) {
-         /* no user certs meeting the nickname/usage requirements found */
-         return SECFailure;
-     }
-
diff --git a/source/l/mozilla-nss/mozilla-nss.SlackBuild b/source/l/mozilla-nss/mozilla-nss.SlackBuild
index 33b0dac82..25934f791 100755
--- a/source/l/mozilla-nss/mozilla-nss.SlackBuild
+++ b/source/l/mozilla-nss/mozilla-nss.SlackBuild
@@ -1,6 +1,6 @@
 #!/bin/bash
 # Copyright 2005, 2006, 2008, 2009, 2010, 2012  Eric Hameleers, Eindhoven, NL
-# Copyright 2013, 2014, 2015, 2017, 2018, 2019, 2020  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2013, 2014, 2015, 2017, 2018, 2019, 2020, 2023  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 #   Permission to use, copy, modify, and distribute this software for
@@ -26,7 +26,7 @@ cd $(dirname $0) ; CWD=$(pwd)
 
 PKGNAM=mozilla-nss
 SRCNAM=nss
-VERSION=${VERSION:-3.86}
+VERSION=${VERSION:-3.87}
 NSPR=${NSPR:-4.35}
 BUILD=${BUILD:-1}
 
@@ -93,7 +93,6 @@ find . \
   -exec chmod 644 {} \+
 
 cd nss
-zcat $CWD/CVE-2022-3479.patch.gz | patch -p1 --verbose || exit 1
 ./build.sh -v $NUMJOBS --opt --system-sqlite --enable-libpkix --disable-tests
 cd -