diff options
Diffstat (limited to 'source/l/mozilla-nss')
| -rw-r--r-- | source/l/mozilla-nss/CVE-2022-3479.patch | 23 | ||||
| -rwxr-xr-x | source/l/mozilla-nss/mozilla-nss.SlackBuild | 3 |
2 files changed, 25 insertions, 1 deletions
diff --git a/source/l/mozilla-nss/CVE-2022-3479.patch b/source/l/mozilla-nss/CVE-2022-3479.patch new file mode 100644 index 000000000..5f80fdc09 --- /dev/null +++ b/source/l/mozilla-nss/CVE-2022-3479.patch @@ -0,0 +1,23 @@ +diff --git a/lib/ssl/authcert.c b/lib/ssl/authcert.c +--- a/lib/ssl/authcert.c ++++ b/lib/ssl/authcert.c +@@ -212,17 +212,17 @@ NSS_GetClientAuthData(void *arg, + pw_arg); + } else { + int nnames = 0; + char **names = ssl_DistNamesToStrings(caNames, &nnames); + rv = CERT_FilterCertListByCANames(certList, nnames, names, + certUsageSSLClient); + ssl_FreeDistNamesStrings(names, nnames); + } +- if ((rv != SECSuccess) || CERT_LIST_EMPTY(certList)) { ++ if ((rv != SECSuccess) || (certList && CERT_LIST_EMPTY(certList))) { + CERT_DestroyCertList(certList); + certList = NULL; + } + } + if (certList == NULL) { + /* no user certs meeting the nickname/usage requirements found */ + return SECFailure; + } + diff --git a/source/l/mozilla-nss/mozilla-nss.SlackBuild b/source/l/mozilla-nss/mozilla-nss.SlackBuild index faa2abea0..2dc89c522 100755 --- a/source/l/mozilla-nss/mozilla-nss.SlackBuild +++ b/source/l/mozilla-nss/mozilla-nss.SlackBuild @@ -28,7 +28,7 @@ PKGNAM=mozilla-nss SRCNAM=nss VERSION=${VERSION:-3.84} NSPR=${NSPR:-4.35} -BUILD=${BUILD:-1} +BUILD=${BUILD:-2} # Automatically determine the architecture we're building on: MARCH=$( uname -m ) @@ -93,6 +93,7 @@ find . \ -exec chmod 644 {} \+ cd nss +zcat $CWD/CVE-2022-3479.patch.gz | patch -p1 --verbose || exit 1 ./build.sh -v $NUMJOBS --opt --system-sqlite --enable-libpkix --disable-tests cd - |