Package: nss / 3.12.8-1+squeeze14

Metadata

Package Version Patches format
nss 3.12.8-1+squeeze14 3.0 (quilt)

Patch series

view the series file
Patch File delta Description
25_entropy.patch | (download)

mozilla/security/nss/lib/freebl/unix_rand.c | 4 4 + 0 - 0 !
1 file changed, 4 insertions(+)

---
38_hurd.patch | (download)

mozilla/security/nss/cmd/shlibsign/shlibsign.c | 21 16 + 5 - 0 !
mozilla/security/nss/lib/freebl/unix_rand.c | 4 4 + 0 - 0 !
2 files changed, 20 insertions(+), 5 deletions(-)

---
38_kbsd.patch | (download)

mozilla/security/coreconf/Linux.mk | 15 11 + 4 - 0 !
mozilla/security/coreconf/Linux2.6.mk | 3 3 + 0 - 0 !
mozilla/security/coreconf/arch.mk | 8 8 + 0 - 0 !
mozilla/security/coreconf/config.mk | 2 1 + 1 - 0 !
mozilla/security/nss/lib/freebl/unix_rand.c | 3 2 + 1 - 0 !
mozilla/security/nss/lib/softoken/softoken.h | 2 1 + 1 - 0 !
mozilla/security/nss/lib/ssl/sslmutex.c | 2 1 + 1 - 0 !
mozilla/security/nss/lib/ssl/sslmutex.h | 2 1 + 1 - 0 !
8 files changed, 28 insertions(+), 9 deletions(-)

---
38_mips64_build.patch | (download)

mozilla/security/coreconf/Linux.mk | 4 4 + 0 - 0 !
1 file changed, 4 insertions(+)

---
80_security_build.patch | (download)

mozilla/security/nss/cmd/shlibsign/Makefile | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

---
80_security_tools.patch | (download)

mozilla/security/nss/cmd/platlibs.mk | 2 2 + 0 - 0 !
1 file changed, 2 insertions(+)

---
81_sonames.patch | (download)

mozilla/security/coreconf/BSD_OS.mk | 2 1 + 1 - 0 !
mozilla/security/coreconf/BeOS.mk | 2 1 + 1 - 0 !
mozilla/security/coreconf/FreeBSD.mk | 2 1 + 1 - 0 !
mozilla/security/coreconf/HP-UX.mk | 4 2 + 2 - 0 !
mozilla/security/coreconf/IRIX.mk | 2 1 + 1 - 0 !
mozilla/security/coreconf/Linux.mk | 2 1 + 1 - 0 !
mozilla/security/coreconf/Linux2.1.mk | 2 1 + 1 - 0 !
mozilla/security/coreconf/Linux2.2.mk | 2 1 + 1 - 0 !
mozilla/security/coreconf/Linux2.4.mk | 2 1 + 1 - 0 !
mozilla/security/coreconf/Linux2.5.mk | 2 1 + 1 - 0 !
mozilla/security/coreconf/Linux2.6.mk | 2 1 + 1 - 0 !
mozilla/security/coreconf/NetBSD.mk | 2 1 + 1 - 0 !
mozilla/security/coreconf/OSF1.mk | 2 1 + 1 - 0 !
mozilla/security/coreconf/OpenBSD.mk | 2 1 + 1 - 0 !
mozilla/security/coreconf/QNX.mk | 2 1 + 1 - 0 !
mozilla/security/coreconf/ReliantUNIX.mk | 2 1 + 1 - 0 !
mozilla/security/coreconf/SunOS5.mk | 4 2 + 2 - 0 !
mozilla/security/coreconf/rules.mk | 4 4 + 0 - 0 !
mozilla/security/coreconf/ruleset.mk | 21 20 + 1 - 0 !
mozilla/security/nss/lib/nss/manifest.mn | 1 1 + 0 - 0 !
mozilla/security/nss/lib/smime/manifest.mn | 1 1 + 0 - 0 !
mozilla/security/nss/lib/ssl/manifest.mn | 1 1 + 0 - 0 !
mozilla/security/nss/lib/util/manifest.mn | 1 1 + 0 - 0 !
23 files changed, 47 insertions(+), 20 deletions(-)

---
85_security_load.patch | (download)

mozilla/security/nss/cmd/shlibsign/shlibsign.c | 2 2 + 0 - 0 !
mozilla/security/nss/lib/pk11wrap/pk11load.c | 6 6 + 0 - 0 !
mozilla/security/nss/lib/util/secload.c | 17 16 + 1 - 0 !
3 files changed, 24 insertions(+), 1 deletion(-)

---
90_realpath.patch | (download)

mozilla/security/nss/lib/freebl/genload.c | 11 11 + 0 - 0 !
1 file changed, 11 insertions(+)

---
91_build_pwdecrypt.patch | (download)

mozilla/security/nss/cmd/manifest.mn | 1 1 + 0 - 0 !
1 file changed, 1 insertion(+)

---
95_add_spi+cacert_ca_certs.patch | (download)

mozilla/security/nss/lib/ckfw/builtins/certdata.c | 559 554 + 5 - 0 !
mozilla/security/nss/lib/ckfw/builtins/certdata.txt | 555 555 + 0 - 0 !
2 files changed, 1109 insertions(+), 5 deletions(-)

---
96_NSS_VersionCheck.patch | (download)

mozilla/security/nss/lib/nss/nssinit.c | 4 0 + 4 - 0 !
1 file changed, 4 deletions(-)

---
97_SSL_RENEGOTIATE_TRANSITIONAL.patch | (download)

mozilla/security/nss/lib/ssl/sslsock.c | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

---
lower dhe priority.patch | (download)

mozilla/security/nss/lib/ssl/ssl3con.c | 2 1 + 1 - 0 !
mozilla/security/nss/lib/ssl/sslenum.c | 2 1 + 1 - 0 !
2 files changed, 2 insertions(+), 2 deletions(-)

---
fraudulent certs.patch | (download)

mozilla/security/nss/lib/ckfw/builtins/certdata.c | 1748 1745 + 3 - 0 !
mozilla/security/nss/lib/ckfw/builtins/certdata.txt | 1761 1761 + 0 - 0 !
2 files changed, 3506 insertions(+), 3 deletions(-)

---
diginotar.patch | (download)

mozilla/security/nss/lib/ckfw/builtins/certdata.c | 1223 962 + 261 - 0 !
mozilla/security/nss/lib/ckfw/builtins/certdata.txt | 1020 865 + 155 - 0 !
2 files changed, 1827 insertions(+), 416 deletions(-)

---
digicert.patch | (download)

mozilla/security/nss/lib/ckfw/builtins/certdata.c | 282 279 + 3 - 0 !
mozilla/security/nss/lib/ckfw/builtins/certdata.txt | 281 281 + 0 - 0 !
2 files changed, 560 insertions(+), 3 deletions(-)

---
CVE 2011 3640 | (download)

mozilla/security/nss/lib/softoken/sftkmod.c | 37 30 + 7 - 0 !
mozilla/security/nss/lib/softoken/sftkpars.c | 8 7 + 1 - 0 !
2 files changed, 37 insertions(+), 8 deletions(-)

---
CVE 2012 0441 | (download)

mozilla/security/nss/lib/softoken/legacydb/keydb.c | 29 29 + 0 - 0 !
mozilla/security/nss/lib/softoken/legacydb/lgcreate.c | 13 9 + 4 - 0 !
mozilla/security/nss/lib/softoken/legacydb/lowkey.c | 18 18 + 0 - 0 !
mozilla/security/nss/lib/softoken/legacydb/lowkeyti.h | 1 1 + 0 - 0 !
mozilla/security/nss/lib/util/quickder.c | 69 43 + 26 - 0 !
5 files changed, 100 insertions(+), 30 deletions(-)

---
TURKTRUST.patch | (download)

mozilla/security/nss/lib/ckfw/builtins/certdata.c | 64 61 + 3 - 0 !
mozilla/security/nss/lib/ckfw/builtins/certdata.txt | 67 67 + 0 - 0 !
2 files changed, 128 insertions(+), 3 deletions(-)

---
CVE 2013 5605.patch | (download)

mozilla/security/nss/lib/ssl/ssl3con.c | 5 5 + 0 - 0 !
1 file changed, 5 insertions(+)

 cve-2013-5605: null_cipher() does not respect maxoutputlen
CVE 2014 1492.patch | (download)

mozilla/security/nss/lib/certdb/certdb.c | 17 10 + 7 - 0 !
1 file changed, 10 insertions(+), 7 deletions(-)

---
CVE 2014 1491.patch | (download)

mozilla/security/nss/lib/freebl/dh.c | 23 22 + 1 - 0 !
1 file changed, 22 insertions(+), 1 deletion(-)

---
CVE 2013 5606.patch | (download)

mozilla/security/nss/lib/certhigh/certvfy.c | 17 10 + 7 - 0 !
1 file changed, 10 insertions(+), 7 deletions(-)

---
CVE 2013 1741.patch | (download)

mozilla/security/nss/lib/util/secport.c | 40 30 + 10 - 0 !
1 file changed, 30 insertions(+), 10 deletions(-)

---
CVE 2014 1568.patch | (download)

mozilla/security/nss/lib/cryptohi/secvfy.c | 202 124 + 78 - 0 !
mozilla/security/nss/lib/softoken/pkcs11c.c | 69 29 + 40 - 0 !
mozilla/security/nss/lib/util/manifest.mn | 2 2 + 0 - 0 !
mozilla/security/nss/lib/util/nssutil.def | 6 6 + 0 - 0 !
mozilla/security/nss/lib/util/pkcs1sig.c | 169 169 + 0 - 0 !
mozilla/security/nss/lib/util/pkcs1sig.h | 31 31 + 0 - 0 !
6 files changed, 361 insertions(+), 118 deletions(-)

 [patch] fix bug 1064636, r=rrelyea, a=lmandel


CVE 2014 1544.patch | (download)

mozilla/security/nss/lib/pk11wrap/pk11cert.c | 7 7 + 0 - 0 !
1 file changed, 7 insertions(+)

---
CVE 2011 3389.patch | (download)

mozilla/security/nss/lib/ssl/ssl.h | 28 28 + 0 - 0 !
mozilla/security/nss/lib/ssl/ssl3con.c | 94 67 + 27 - 0 !
mozilla/security/nss/lib/ssl/sslimpl.h | 1 1 + 0 - 0 !
mozilla/security/nss/lib/ssl/sslsock.c | 16 16 + 0 - 0 !
4 files changed, 112 insertions(+), 27 deletions(-)

 prevent chosen plaintext attacks on ssl 3.0 and tls 1.0 connections
CVE 2014 1569.patch | (download)

mozilla/security/nss/lib/util/quickder.c | 91 73 + 18 - 0 !
1 file changed, 73 insertions(+), 18 deletions(-)

 be more strict on der length decoding in quickder.c
CVE 2015 2730.patch | (download)

mozilla/security/nss/lib/freebl/ecl/ecp_jac.c | 17 16 + 1 - 0 !
1 file changed, 16 insertions(+), 1 deletion(-)

 cve-2015-2730

Based on upstream commit

    https://hg.mozilla.org/projects/nss/rev/2c05e861ce07

CVE 2015 2721.patch | (download)

mozilla/security/nss/lib/ssl/ssl3con.c | 135 68 + 67 - 0 !
mozilla/security/nss/lib/ssl/sslimpl.h | 6 6 + 0 - 0 !
2 files changed, 74 insertions(+), 67 deletions(-)

 cve-2015-2721


CVE 2015 7182.patch | (download)

mozilla/security/nss/lib/util/secasn1d.c | 99 98 + 1 - 0 !
1 file changed, 98 insertions(+), 1 deletion(-)

 cve-2015-7182

Consisting of upstream commits

    https://hg.mozilla.org/projects/nss/raw-rev/4dc247276e58
    https://hg.mozilla.org/projects/nss/raw-rev/534aca7a5bca
    https://hg.mozilla.org/projects/nss/raw-rev/b4feb2cb0ed6

CVE 2015 7181.patch | (download)

mozilla/security/nss/lib/util/secasn1d.c | 101 86 + 15 - 0 !
1 file changed, 86 insertions(+), 15 deletions(-)

 cve-2015-7181

Consisting of upstream commits

    https://hg.mozilla.org/projects/nss/rev/8ac7f47eecbb
    https://hg.mozilla.org/projects/nss/rev/25cb033147fd

CVE 2016 1938.patch | (download)

mozilla/security/nss/lib/freebl/mpi/mpi.c | 29 20 + 9 - 0 !
1 file changed, 20 insertions(+), 9 deletions(-)

 cve-2016-1938

Consisting of upstream commits

    https://hg.mozilla.org/projects/nss/rev/a555bf0fc23a
    https://hg.mozilla.org/projects/nss/rev/cfd0ad4726cb