Your message dated Sat, 11 Jul 2026 10:32:48 +0000
with message-id <[email protected]>
and subject line Released in 13.6
has caused the Debian Bug report #1141246,
regarding trixie-pu: package nss/2:3.110-1+deb13u3
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
1141246: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1141246
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
Tags: trixie
X-Debbugs-Cc: [email protected], [email protected], Mike Hommey 
<[email protected]>, [email protected]
Control: affects -1 + src:nss
User: [email protected]
Usertags: pu

Hi

nss was affected by CVE-2026-12318 but not warranting a DSA. I
prepared an update cherry-picking this change on top of the last DSA
released by Moritz.

Tests on debusine were performed as:
https://debusine.debian.net/debian/developers/work-request/902930/

Regards,
Salvatore
diff -Nru nss-3.110/debian/changelog nss-3.110/debian/changelog
--- nss-3.110/debian/changelog  2026-05-17 18:37:16.000000000 +0200
+++ nss-3.110/debian/changelog  2026-06-30 20:22:51.000000000 +0200
@@ -1,3 +1,11 @@
+nss (2:3.110-1+deb13u3) trixie; urgency=medium
+
+  * Non-maintainer upload.
+  * improve handling of escape sequences in pk11uri_ParseAttributes
+    (CVE-2026-12318)
+
+ -- Salvatore Bonaccorso <[email protected]>  Tue, 30 Jun 2026 20:22:51 +0200
+
 nss (2:3.110-1+deb13u2) trixie-security; urgency=medium
 
   * CVE-2026-6766
diff -Nru nss-3.110/debian/patches/CVE-2026-12318.patch 
nss-3.110/debian/patches/CVE-2026-12318.patch
--- nss-3.110/debian/patches/CVE-2026-12318.patch       1970-01-01 
01:00:00.000000000 +0100
+++ nss-3.110/debian/patches/CVE-2026-12318.patch       2026-06-30 
20:22:01.000000000 +0200
@@ -0,0 +1,36 @@
+
+# HG changeset patch
+# User John Schanck <[email protected]>
+# Date 1776891142 0
+# Node ID bd0c42028c8eae5b9cbdb4f5b0ee59bc07cba2de
+# Parent  98ae9f70d97a87957a997af8ac9110836a5dd094
+Bug 2023478 - improve handling of escape sequences in pk11uri_ParseAttributes. 
r=nss-reviewers,keeler
+
+Differential Revision: https://phabricator.services.mozilla.com/D295642
+
+diff --git a/nss/lib/util/pkcs11uri.c b/nss/lib/util/pkcs11uri.c
+--- a/nss/lib/util/pkcs11uri.c
++++ b/nss/lib/util/pkcs11uri.c
+@@ -619,19 +619,19 @@ pk11uri_ParseAttributes(const char **str
+             if (strchr(stop_chars, *p) != NULL) {
+                 break;
+             }
+             if (strchr(accept_chars, *p) != NULL) {
+                 continue;
+             }
+             if (*p == '%') {
+                 const char ch2 = *++p;
+-                if (strchr(PK11URI_HEXDIG, ch2) != NULL) {
++                if (ch2 != '\0' && strchr(PK11URI_HEXDIG, ch2) != NULL) {
+                     const char ch3 = *++p;
+-                    if (strchr(PK11URI_HEXDIG, ch3) != NULL)
++                    if (ch3 != '\0' && strchr(PK11URI_HEXDIG, ch3) != NULL)
+                         continue;
+                 }
+             }
+ 
+             return SECFailure;
+         }
+         value_end = p;
+ 
+
diff -Nru nss-3.110/debian/patches/series nss-3.110/debian/patches/series
--- nss-3.110/debian/patches/series     2026-05-17 18:36:57.000000000 +0200
+++ nss-3.110/debian/patches/series     2026-06-30 20:21:02.000000000 +0200
@@ -4,3 +4,4 @@
 CVE-2026-6766.patch
 CVE-2026-6767.patch
 CVE-2026-6772.patch
+CVE-2026-12318.patch

--- End Message ---
--- Begin Message ---
Version: 13.6

This update was released as part of 13.6.

--- End Message ---

Reply via email to