diff options
| author | yzhu1 <yanjun.zhu@windriver.com> | 2014-06-18 05:41:30 -0400 |
|---|---|---|
| committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2014-06-24 19:54:11 +0100 |
| commit | 953b01e1de5de8076de326008293c89be30bb3d1 (patch) | |
| tree | c02a462044bc45878ddd5275ad22be4c3510bfc5 /meta/recipes-support/nss/nss.inc | |
| parent | b2aa82c4823900582a0a4b784c85e91515cc79fe (diff) | |
| download | poky-953b01e1de5de8076de326008293c89be30bb3d1.tar.gz | |
nss-3.15.1: fix CVE-2013-1739
Mozilla Network Security Services (NSS) before 3.15.2 does
not ensure that data structures are initialized before
read operations, which allows remote attackers to cause a
denial of service or possibly have unspecified other
impact via vectors that trigger a decryption failure.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1739
(From OE-Core rev: 9b43af77d112e75fa9827a9080b7e94f41f9a116)
Signed-off-by: yzhu1 <yanjun.zhu@windriver.com>
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-support/nss/nss.inc')
| -rw-r--r-- | meta/recipes-support/nss/nss.inc | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/meta/recipes-support/nss/nss.inc b/meta/recipes-support/nss/nss.inc index 5afd63914b..cc9e7b9cd2 100644 --- a/meta/recipes-support/nss/nss.inc +++ b/meta/recipes-support/nss/nss.inc | |||
| @@ -20,6 +20,7 @@ SRC_URI = "\ | |||
| 20 | file://nss-3.15.1-fix-CVE-2013-5605.patch \ | 20 | file://nss-3.15.1-fix-CVE-2013-5605.patch \ |
| 21 | file://nss-CVE-2014-1492.patch \ | 21 | file://nss-CVE-2014-1492.patch \ |
| 22 | file://nss-CVE-2013-1740.patch \ | 22 | file://nss-CVE-2013-1740.patch \ |
| 23 | file://nss-3.15.1-fix-CVE-2013-1739.patch \ | ||
| 23 | " | 24 | " |
| 24 | SRC_URI_append_class-target = "\ | 25 | SRC_URI_append_class-target = "\ |
| 25 | file://nss.pc.in \ | 26 | file://nss.pc.in \ |