[Buildroot] [PATCH] libnss: security bump to version 3.22.2

Peter Korsgaard peter at korsgaard.com
Wed Mar 9 12:14:42 UTC 2016


>>>>> "Gustavo" == Gustavo Zacarias <gustavo at zacarias.com.ar> writes:

 > Fixes:
 > CVE-2016-1950 - heap-based buffer overflow related to the parsing of
 > certain ASN.1 structures. An attacker could create a specially-crafted
 > certificate which, when parsed by NSS, would cause a crash or execution
 > of arbitrary code with the permissions of the user.

 > Signed-off-by: Gustavo Zacarias <gustavo at zacarias.com.ar>

Committed, thanks.

-- 
Bye, Peter Korsgaard


More information about the buildroot mailing list