<feed xmlns='http://www.w3.org/2005/Atom'>
<title>buildroot/package/libnss/libnss.hash, branch 2017.02.1</title>
<subtitle>OpenPOWER buildroot sources</subtitle>
<id>https://git.raptorcs.com/git/buildroot/atom?h=2017.02.1</id>
<link rel='self' href='https://git.raptorcs.com/git/buildroot/atom?h=2017.02.1'/>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/'/>
<updated>2017-01-09T16:18:04+00:00</updated>
<entry>
<title>libnss: bump to version 3.27.2</title>
<updated>2017-01-09T16:18:04+00:00</updated>
<author>
<name>Peter Korsgaard</name>
<email>peter@korsgaard.com</email>
</author>
<published>2017-01-09T14:06:46+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/commit/?id=f4a470ecad98c5fd49c4a22d0efca5f18bd16f3f'/>
<id>urn:sha1:f4a470ecad98c5fd49c4a22d0efca5f18bd16f3f</id>
<content type='text'>
Fixes a memory leak in SSL_SetTrustAnchors():
https://bugzilla.mozilla.org/show_bug.cgi?id=1318561

Signed-off-by: Peter Korsgaard &lt;peter@korsgaard.com&gt;
</content>
</entry>
<entry>
<title>libnss: bump to version 3.27.1</title>
<updated>2016-10-13T06:04:33+00:00</updated>
<author>
<name>Gustavo Zacarias</name>
<email>gustavo@zacarias.com.ar</email>
</author>
<published>2016-10-10T16:54:46+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/commit/?id=3ccdc270eeb72de718afa348f2a362c79ba0579d'/>
<id>urn:sha1:3ccdc270eeb72de718afa348f2a362c79ba0579d</id>
<content type='text'>
Signed-off-by: Gustavo Zacarias &lt;gustavo@zacarias.com.ar&gt;
Signed-off-by: Peter Korsgaard &lt;peter@korsgaard.com&gt;
</content>
</entry>
<entry>
<title>nss: security bump to version 3.23</title>
<updated>2016-03-31T01:43:58+00:00</updated>
<author>
<name>Gustavo Zacarias</name>
<email>gustavo@zacarias.com.ar</email>
</author>
<published>2016-03-30T19:51:07+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/commit/?id=ab61031a34df8875cec0d9c605f7f69840c11cfe'/>
<id>urn:sha1:ab61031a34df8875cec0d9c605f7f69840c11cfe</id>
<content type='text'>
Fixes:
CVE-2016-1950 - Fixed a heap-based buffer overflow related to the
parsing of certain ASN.1 structures. An attacker could create a
specially-crafted certificate which, when parsed by NSS, would cause a
crash or execution of arbitrary code with the permissions of the user.

Signed-off-by: Gustavo Zacarias &lt;gustavo@zacarias.com.ar&gt;
Signed-off-by: Thomas Petazzoni &lt;thomas.petazzoni@free-electrons.com&gt;
</content>
</entry>
<entry>
<title>libnss: security bump to version 3.22.2</title>
<updated>2016-03-09T12:14:13+00:00</updated>
<author>
<name>Gustavo Zacarias</name>
<email>gustavo@zacarias.com.ar</email>
</author>
<published>2016-03-09T11:41:20+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/commit/?id=09f0b8c353d6b7886dd5cab3deee0cc9625b6eed'/>
<id>urn:sha1:09f0b8c353d6b7886dd5cab3deee0cc9625b6eed</id>
<content type='text'>
Fixes:
CVE-2016-1950 - heap-based buffer overflow related to the parsing of
certain ASN.1 structures. An attacker could create a specially-crafted
certificate which, when parsed by NSS, would cause a crash or execution
of arbitrary code with the permissions of the user.

Signed-off-by: Gustavo Zacarias &lt;gustavo@zacarias.com.ar&gt;
Signed-off-by: Peter Korsgaard &lt;peter@korsgaard.com&gt;
</content>
</entry>
<entry>
<title>libnss: bump to version 4.22.1</title>
<updated>2016-02-24T21:14:44+00:00</updated>
<author>
<name>Gustavo Zacarias</name>
<email>gustavo@zacarias.com.ar</email>
</author>
<published>2016-02-24T20:33:08+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/commit/?id=6b63783dafe1e797a9aab8c98e2ec39de70e6ae6'/>
<id>urn:sha1:6b63783dafe1e797a9aab8c98e2ec39de70e6ae6</id>
<content type='text'>
Signed-off-by: Gustavo Zacarias &lt;gustavo@zacarias.com.ar&gt;
Signed-off-by: Peter Korsgaard &lt;peter@korsgaard.com&gt;
</content>
</entry>
<entry>
<title>libnss: bump to version 3.21</title>
<updated>2015-11-21T08:30:37+00:00</updated>
<author>
<name>Gustavo Zacarias</name>
<email>gustavo@zacarias.com.ar</email>
</author>
<published>2015-11-20T18:47:20+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/commit/?id=c0e48bb721363a78a12ace3785ffb4dc3c9e6f93'/>
<id>urn:sha1:c0e48bb721363a78a12ace3785ffb4dc3c9e6f93</id>
<content type='text'>
Disable gtests since they require C++ support.

Signed-off-by: Gustavo Zacarias &lt;gustavo@zacarias.com.ar&gt;
Signed-off-by: Thomas Petazzoni &lt;thomas.petazzoni@free-electrons.com&gt;
</content>
</entry>
<entry>
<title>libnss: bump to version 3.20</title>
<updated>2015-10-03T13:14:32+00:00</updated>
<author>
<name>Gustavo Zacarias</name>
<email>gustavo@zacarias.com.ar</email>
</author>
<published>2015-10-03T11:38:49+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/commit/?id=513908ba8f7cc2bf0cc811b4911110dc6933908a'/>
<id>urn:sha1:513908ba8f7cc2bf0cc811b4911110dc6933908a</id>
<content type='text'>
Signed-off-by: Gustavo Zacarias &lt;gustavo@zacarias.com.ar&gt;
Reviewed-by: Vicente Olivert Riera &lt;Vincent.Riera@imgtec.com&gt;
Tested-by: Vicente Olivert Riera &lt;Vincent.Riera@imgtec.com&gt;
Signed-off-by: Peter Korsgaard &lt;peter@korsgaard.com&gt;
</content>
</entry>
<entry>
<title>libnss: security bump to version 3.19.2</title>
<updated>2015-07-18T09:33:29+00:00</updated>
<author>
<name>Gustavo Zacarias</name>
<email>gustavo@zacarias.com.ar</email>
</author>
<published>2015-07-15T16:13:46+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/commit/?id=6d52d92319c7989848d5e9d2022fbc2cb36ddc5e'/>
<id>urn:sha1:6d52d92319c7989848d5e9d2022fbc2cb36ddc5e</id>
<content type='text'>
Fixes:
CVE-2015-2730, CVE-2015-2721, and probably others.

Signed-off-by: Gustavo Zacarias &lt;gustavo@zacarias.com.ar&gt;
Signed-off-by: Thomas Petazzoni &lt;thomas.petazzoni@free-electrons.com&gt;
</content>
</entry>
<entry>
<title>libnss: bump to version 3.17.4</title>
<updated>2015-02-17T13:03:08+00:00</updated>
<author>
<name>Gustavo Zacarias</name>
<email>gustavo@zacarias.com.ar</email>
</author>
<published>2015-02-17T12:57:44+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/commit/?id=cc6be50e07b5e766173cef51ed544d77184c3c48'/>
<id>urn:sha1:cc6be50e07b5e766173cef51ed544d77184c3c48</id>
<content type='text'>
Signed-off-by: Gustavo Zacarias &lt;gustavo@zacarias.com.ar&gt;
Signed-off-by: Thomas Petazzoni &lt;thomas.petazzoni@free-electrons.com&gt;
</content>
</entry>
<entry>
<title>libnss: security bump to version 3.17.3</title>
<updated>2014-12-16T22:48:32+00:00</updated>
<author>
<name>Gustavo Zacarias</name>
<email>gustavo@zacarias.com.ar</email>
</author>
<published>2014-12-16T11:12:54+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/commit/?id=6efc256a7762ed388ca57d809ceb3fc9f6776b7d'/>
<id>urn:sha1:6efc256a7762ed388ca57d809ceb3fc9f6776b7d</id>
<content type='text'>
Fixes CVE-2014-1569 - The definite_length_decoder function in
lib/util/quickder.c in Mozilla Network Security Services (NSS) before
3.16.2.4 and 3.17.x before 3.17.3 does not ensure that the DER encoding
of an ASN.1 length is properly formed, which allows remote attackers to
conduct data-smuggling attacks by using a long byte sequence for an
encoding.

Signed-off-by: Gustavo Zacarias &lt;gustavo@zacarias.com.ar&gt;
Signed-off-by: Peter Korsgaard &lt;peter@korsgaard.com&gt;
</content>
</entry>
</feed>
