From d7925c5f0dff50820e1a1ffc672ad1d0775fb18e Mon Sep 17 00:00:00 2001 From: Michael Stahl Date: Tue, 19 Oct 2021 15:17:39 +0200 Subject: nss: upgrade to release 3.73 Fixes: CVE-2021-43527 Memory corruption via DER-encoded DSA and RSA-PSS signatures Includes: nss: upgrade to release 3.71 * external/nss/nss.getopt.patch.0: fixed upstream * external/nss/nss-win-arm64.patch: fixed upstream * external/nss/nss_macosx.patch: one hunk was fixed upstream Conflicts: download.lst Change-Id: I5c3f169c57fc2763029b07ad7e325b2f53b7e28f Reviewed-on: https://gerrit.libreoffice.org/c/core/+/126218 Tested-by: Thorsten Behrens Reviewed-by: Thorsten Behrens (cherry picked from commit c8e21d246bcb4289cb25c82be440cd07b7418436) (cherry picked from commit c99f4359a2901bde5d6cfb623a47f99ba2d5e18a) --- download.lst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'download.lst') diff --git a/download.lst b/download.lst index 2632c4e06f8f..5b19920c281b 100644 --- a/download.lst +++ b/download.lst @@ -183,8 +183,8 @@ export MYTHES_SHA256SUM := 1e81f395d8c851c3e4e75b568e20fa2fa549354e75ab397f9de4b export MYTHES_TARBALL := a8c2c5b8f09e7ede322d5c602ff6a4b6-mythes-1.2.4.tar.gz export NEON_SHA256SUM := db0bd8cdec329b48f53a6f00199c92d5ba40b0f015b153718d1b15d3d967fbca export NEON_TARBALL := neon-0.30.2.tar.gz -export NSS_SHA256SUM := ec6032d78663c6ef90b4b83eb552dedf721d2bce208cec3bf527b8f637db7e45 -export NSS_TARBALL := nss-3.55-with-nspr-4.27.tar.gz +export NSS_SHA256SUM := 07a9e5b70f121a62706140d4cacc3006d3efb869da40f3a2bf7a65d37847f4d9 +export NSS_TARBALL := nss-3.73-with-nspr-4.32.tar.gz export ODFGEN_SHA256SUM := 55200027fd46623b9bdddd38d275e7452d1b0ff8aeddcad6f9ae6dc25f610625 export ODFGEN_VERSION_MICRO := 8 export ODFGEN_TARBALL := libodfgen-0.1.$(ODFGEN_VERSION_MICRO).tar.xz -- cgit