[Buildroot] [PATCH] libnss: security bump to version 3.20.1
Peter Korsgaard
peter at korsgaard.com
Mon Nov 9 21:09:17 UTC 2015
>>>>> "Gustavo" == Gustavo Zacarias <gustavo at zacarias.com.ar> writes:
> Fixes:
> CVE-2015-7181 - A use-after-poison flaw was found in the way NSS parsed
> certain ASN.1 structures. An attacker could use this flaw to cause NSS
> to crash or execute arbitrary code with the permissions of the user
> running an application compiled against the NSS library.
> CVE-2015-7182 - A heap-based buffer overflow flaw was found in the way
> NSS parsed certain ASN.1 structures. An attacker could use this flaw to
> cause NSS to crash or execute arbitrary code with the permissions of the
> user running an application compiled against the NSS library.
> Signed-off-by: Gustavo Zacarias <gustavo at zacarias.com.ar>
Committed, thanks.
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list