[Buildroot] [PATCH] libnss: security bump to version 3.20.1

Peter Korsgaard peter at korsgaard.com
Mon Nov 9 21:09:17 UTC 2015


>>>>> "Gustavo" == Gustavo Zacarias <gustavo at zacarias.com.ar> writes:

 > Fixes:
 > CVE-2015-7181 - A use-after-poison flaw was found in the way NSS parsed
 > certain ASN.1 structures. An attacker could use this flaw to cause NSS
 > to crash or execute arbitrary code with the permissions of the user
 > running an application compiled against the NSS library.
 > CVE-2015-7182 - A heap-based buffer overflow flaw was found in the way
 > NSS parsed certain ASN.1 structures. An attacker could use this flaw to
 > cause NSS to crash or execute arbitrary code with the permissions of the
 > user running an application compiled against the NSS library.

 > Signed-off-by: Gustavo Zacarias <gustavo at zacarias.com.ar>

Committed, thanks.

-- 
Bye, Peter Korsgaard



More information about the buildroot mailing list