Summary: | <dev-libs/nss-{3.68.3, 3.76.1}: Memory safety issues with PKCS#11 tokens | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Sam James <sam> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | mozilla |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | A2 [glsa+] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 836621 | ||
Bug Blocks: |
Description
Sam James
2022-03-29 23:47:29 UTC
Oops, already in tree. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6d157cf9c7ecb644ca59c667e9b6a6e20c5a2200 commit 6d157cf9c7ecb644ca59c667e9b6a6e20c5a2200 Author: Joonas Niilola <juippis@gentoo.org> AuthorDate: 2022-03-30 04:56:41 +0000 Commit: Joonas Niilola <juippis@gentoo.org> CommitDate: 2022-03-30 04:56:41 +0000 dev-libs/nss: drop 3.75-r1, 3.76-r1 (security cleanup p1) Bug: https://bugs.gentoo.org/836386 Signed-off-by: Joonas Niilola <juippis@gentoo.org> dev-libs/nss/Manifest | 2 - dev-libs/nss/nss-3.75-r1.ebuild | 361 ---------------------------------------- dev-libs/nss/nss-3.76-r1.ebuild | 361 ---------------------------------------- 3 files changed, 724 deletions(-) please bump to 3.68.3 too, it has the same fix backported according to the changelogs The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e0d5c3a907c56c8ab278f57a6261e8ea875f15e7 commit e0d5c3a907c56c8ab278f57a6261e8ea875f15e7 Author: Joonas Niilola <juippis@gentoo.org> AuthorDate: 2022-04-02 05:29:01 +0000 Commit: Joonas Niilola <juippis@gentoo.org> CommitDate: 2022-04-02 05:30:43 +0000 dev-libs/nss: add 3.68.3 Bug: https://bugs.gentoo.org/836386 Signed-off-by: Joonas Niilola <juippis@gentoo.org> dev-libs/nss/Manifest | 1 + dev-libs/nss/nss-3.68.3.ebuild | 362 +++++++++++++++++++++++++++++++++++++++++ 2 files changed, 363 insertions(+) Please cleanup The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=35b2d5cf4c16277977814b89becd779d20f84726 commit 35b2d5cf4c16277977814b89becd779d20f84726 Author: Joonas Niilola <juippis@gentoo.org> AuthorDate: 2022-04-10 12:58:00 +0000 Commit: Joonas Niilola <juippis@gentoo.org> CommitDate: 2022-04-10 12:58:00 +0000 dev-libs/nss: drop 3.68.2-r1 Bug: https://bugs.gentoo.org/836386 Signed-off-by: Joonas Niilola <juippis@gentoo.org> dev-libs/nss/Manifest | 1 - dev-libs/nss/nss-3.68.2-r1.ebuild | 361 -------------------------------------- 2 files changed, 362 deletions(-) GLSA request filed The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=300d0a6989f134e6228f91cb9ea405db485ee8f0 commit 300d0a6989f134e6228f91cb9ea405db485ee8f0 Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2022-12-19 02:01:58 +0000 Commit: John Helmert III <ajak@gentoo.org> CommitDate: 2022-12-19 02:04:29 +0000 [ GLSA 202212-05 ] Mozilla Network Security Service (NSS): Multiple Vulnerabilities Bug: https://bugs.gentoo.org/827946 Bug: https://bugs.gentoo.org/836386 Bug: https://bugs.gentoo.org/848984 Bug: https://bugs.gentoo.org/877169 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: John Helmert III <ajak@gentoo.org> glsa-202212-05.xml | 48 ++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 48 insertions(+) GLSA released, all done. |