diff options
author | Baruch Siach <baruch@tkos.co.il> | 2017-04-20 20:34:29 +0300 |
---|---|---|
committer | Thomas Petazzoni <thomas.petazzoni@free-electrons.com> | 2017-04-20 21:53:00 +0200 |
commit | 09b8e1079ec97d9843430930414a95ac8450a652 (patch) | |
tree | aa58fd846c26de08d4f7a3b890d772ff9e527de6 /package/libnss/libnss.mk | |
parent | 7e1f3171ac98dd25d5e656a888bcff046353087d (diff) | |
download | buildroot-09b8e1079ec97d9843430930414a95ac8450a652.tar.gz buildroot-09b8e1079ec97d9843430930414a95ac8450a652.zip |
libnss: security bump to version 3.30.2
CVE-2017-5461 - Out-of-bounds write in Base64 encoding in NSS. Might cause
remote arbitrary code execution
(https://access.redhat.com/errata/RHSA-2017:1100).
CVE-2017-5462 - DRBG flaw in NSS
Drop 0001-cross-compile.patch and TARGET* variables. Upstream Makefile now
allows override of CC, so use TARGET_CONFIGURE_OPTS instead.
Drop upstream 0003-it-uninitialized-fix.patch.
Renumber the remaining patch.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Diffstat (limited to 'package/libnss/libnss.mk')
-rw-r--r-- | package/libnss/libnss.mk | 12 |
1 files changed, 4 insertions, 8 deletions
diff --git a/package/libnss/libnss.mk b/package/libnss/libnss.mk index d624cde095..1e157df1df 100644 --- a/package/libnss/libnss.mk +++ b/package/libnss/libnss.mk @@ -4,7 +4,7 @@ # ################################################################################ -LIBNSS_VERSION = 3.27.2 +LIBNSS_VERSION = 3.30.2 LIBNSS_SOURCE = nss-$(LIBNSS_VERSION).tar.gz LIBNSS_SITE = https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_$(subst .,_,$(LIBNSS_VERSION))_RTM/src LIBNSS_DISTDIR = dist @@ -33,9 +33,6 @@ LIBNSS_BUILD_VARS = \ NSS_USE_SYSTEM_SQLITE=1 \ NSS_ENABLE_ECC=1 \ NATIVE_CC="$(HOSTCC)" \ - TARGETCC="$(TARGET_CC)" \ - TARGETCCC="$(TARGET_CXX)" \ - TARGETRANLIB="$(TARGET_RANLIB)" \ OS_ARCH="Linux" \ OS_RELEASE="2.6" \ OS_TEST="$(ARCH)" @@ -55,17 +52,16 @@ endif endif define LIBNSS_BUILD_CMDS - $(TARGET_MAKE_ENV) $(MAKE1) -C $(@D)/nss coreconf \ + $(TARGET_CONFIGURE_OPTS) $(MAKE1) -C $(@D)/nss coreconf \ SOURCE_MD_DIR=$(@D)/$(LIBNSS_DISTDIR) \ DIST=$(@D)/$(LIBNSS_DISTDIR) \ CHECKLOC= \ $(LIBNSS_BUILD_VARS) - $(TARGET_MAKE_ENV) $(MAKE1) -C $(@D)/nss lib/dbm all \ + $(TARGET_CONFIGURE_OPTS) $(MAKE1) -C $(@D)/nss lib/dbm all \ SOURCE_MD_DIR=$(@D)/$(LIBNSS_DISTDIR) \ DIST=$(@D)/$(LIBNSS_DISTDIR) \ CHECKLOC= \ - $(LIBNSS_BUILD_VARS) TARGET_OPTIMIZER="$(TARGET_CFLAGS)" \ - NATIVE_FLAGS="$(HOST_CFLAGS)" + $(LIBNSS_BUILD_VARS) NATIVE_FLAGS="$(HOST_CFLAGS)" endef define LIBNSS_INSTALL_STAGING_CMDS |