From: Baruch Siach <baruch@tkos.co.il>
To: buildroot@busybox.net
Subject: [Buildroot] [PATCH] package/libnss: security bump to version 3.46
Date: Sun, 01 Sep 2019 06:51:57 +0300 [thread overview]
Message-ID: <87ef10brmq.fsf@tarshish> (raw)
In-Reply-To: <36a5f792-cb9d-0873-6efb-76a36e2267d6@micronovasrl.com>
Hi Giulio,
On Sat, Aug 31 2019, Giulio Benetti wrote:
> Subject should be: "package/libnss: bump to version 3.46" without
> 'security'.
This bump fixes CVE-2019-11727 and CVE-2019-11719. The commit log should
mention that though.
baruch
> Il 31/08/2019 22:40, Giulio Benetti ha scritto:
>> Signed-off-by: Giulio Benetti <giulio.benetti@micronovasrl.com>
>> ---
>> package/libnss/libnss.hash | 2 +-
>> package/libnss/libnss.mk | 2 +-
>> 2 files changed, 2 insertions(+), 2 deletions(-)
>>
>> diff --git a/package/libnss/libnss.hash b/package/libnss/libnss.hash
>> index 1d600f14ef..678f39b090 100644
>> --- a/package/libnss/libnss.hash
>> +++ b/package/libnss/libnss.hash
>> @@ -1,4 +1,4 @@
>> # From https://ftp.mozilla.org/pub/security/nss/releases/NSS_3_42_1_RTM/src/SHA256SUMS
>> -sha256 087db37d38fd49dfd584dd2a8b5baa7fc88de7c9bd97c0c2d5be4abcafc61fc6 nss-3.42.1.tar.gz
>> +sha256 6b699649d285602ba258a4b0957cb841eafc94eff5735a9da8da0adbb9a10cef nss-3.46.tar.gz
>> # Locally calculated
>> sha256 a20c1a32d1f8102432360b42e932869f7c11c7cdbacf9cac554c422132af47f4 nss/COPYING
>> diff --git a/package/libnss/libnss.mk b/package/libnss/libnss.mk
>> index 34e9d41968..776f232ad5 100644
>> --- a/package/libnss/libnss.mk
>> +++ b/package/libnss/libnss.mk
>> @@ -4,7 +4,7 @@
>> #
>> ################################################################################
>>
>> -LIBNSS_VERSION = 3.42.1
>> +LIBNSS_VERSION = 3.46
>> LIBNSS_SOURCE = nss-$(LIBNSS_VERSION).tar.gz
>> LIBNSS_SITE = https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_$(subst .,_,$(LIBNSS_VERSION))_RTM/src
>> LIBNSS_DISTDIR = dist
--
http://baruch.siach.name/blog/ ~. .~ Tk Open Systems
=}------------------------------------------------ooO--U--Ooo------------{=
- baruch at tkos.co.il - tel: +972.52.368.4656, http://www.tkos.co.il -
next prev parent reply other threads:[~2019-09-01 3:51 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-08-31 20:40 [Buildroot] [PATCH] package/libnss: security bump to version 3.46 Giulio Benetti
2019-08-31 20:49 ` Giulio Benetti
2019-09-01 3:51 ` Baruch Siach [this message]
2019-09-01 9:03 ` Peter Korsgaard
2019-09-02 11:16 ` Giulio Benetti
2019-09-02 14:11 ` Peter Korsgaard
2019-09-03 10:13 ` Giulio Benetti
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87ef10brmq.fsf@tarshish \
--to=baruch@tkos.co.il \
--cc=buildroot@busybox.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.