From release notes: """ This release fixes memory safety violations that can occur when parsing CMS data. We presume that with enough effort these memory safety violations are exploitable. """
Please stable when ready.
Please cleanup
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1ee8a8e476ad9d6c92c003cc7fa62d1c93b39e34 commit 1ee8a8e476ad9d6c92c003cc7fa62d1c93b39e34 Author: Joonas Niilola <juippis@gentoo.org> AuthorDate: 2022-06-05 06:13:26 +0000 Commit: Joonas Niilola <juippis@gentoo.org> CommitDate: 2022-06-05 06:18:35 +0000 dev-libs/nss: security cleanup Bug: https://bugs.gentoo.org/848984 Signed-off-by: Joonas Niilola <juippis@gentoo.org> dev-libs/nss/Manifest | 2 - dev-libs/nss/nss-3.68.3.ebuild | 362 ----------------------------------------- dev-libs/nss/nss-3.78.ebuild | 361 ---------------------------------------- 3 files changed, 725 deletions(-)
GLSA request filed
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=300d0a6989f134e6228f91cb9ea405db485ee8f0 commit 300d0a6989f134e6228f91cb9ea405db485ee8f0 Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2022-12-19 02:01:58 +0000 Commit: John Helmert III <ajak@gentoo.org> CommitDate: 2022-12-19 02:04:29 +0000 [ GLSA 202212-05 ] Mozilla Network Security Service (NSS): Multiple Vulnerabilities Bug: https://bugs.gentoo.org/827946 Bug: https://bugs.gentoo.org/836386 Bug: https://bugs.gentoo.org/848984 Bug: https://bugs.gentoo.org/877169 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: John Helmert III <ajak@gentoo.org> glsa-202212-05.xml | 48 ++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 48 insertions(+)
GLSA released, all done.