[Buildroot] [PATCH v2 2/2] package/libnss: security bump to version 3.46
Peter Korsgaard
peter at korsgaard.com
Tue Sep 17 20:40:43 UTC 2019
>>>>> "Giulio" == Giulio Benetti <giulio.benetti at micronovasrl.com> writes:
> Fixes the following security issues:
> (3.44.1)
> CVE-2019-11729: More thorough input checking
> CVE-2019-11719: Don't unnecessarily strip leading 0's from key material
> during PKCS11 import
> CVE-2019-11727: Prohibit use of RSASSA-PKCS1-v1_5 algorithms in TLS 1.3
> Note:
> This version requires nspr 4.22 or newer provided by the previous patch.
> Signed-off-by: Giulio Benetti <giulio.benetti at micronovasrl.com>
Committed to 2019.02.x, 2019.05.x and 2019.08.x, thanks.
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list