[Buildroot] [PATCH] libnss: security bump to version 3.22.2
Peter Korsgaard
peter at korsgaard.com
Wed Mar 9 12:14:42 UTC 2016
>>>>> "Gustavo" == Gustavo Zacarias <gustavo at zacarias.com.ar> writes:
> Fixes:
> CVE-2016-1950 - heap-based buffer overflow related to the parsing of
> certain ASN.1 structures. An attacker could create a specially-crafted
> certificate which, when parsed by NSS, would cause a crash or execution
> of arbitrary code with the permissions of the user.
> Signed-off-by: Gustavo Zacarias <gustavo at zacarias.com.ar>
Committed, thanks.
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list