From: Peter Marko <[email protected]> Pick the same patch as Debian took for bullseye.
Signed-off-by: Peter Marko <[email protected]> --- .../nss/nss/CVE-2024-6602.patch | 65 +++++++++++++++++++ meta-oe/recipes-support/nss/nss_3.74.bb | 1 + 2 files changed, 66 insertions(+) create mode 100644 meta-oe/recipes-support/nss/nss/CVE-2024-6602.patch diff --git a/meta-oe/recipes-support/nss/nss/CVE-2024-6602.patch b/meta-oe/recipes-support/nss/nss/CVE-2024-6602.patch new file mode 100644 index 0000000000..f75d822d03 --- /dev/null +++ b/meta-oe/recipes-support/nss/nss/CVE-2024-6602.patch @@ -0,0 +1,65 @@ +From 7804e99346339bb31f801a2fcba63b6fbd8bca4a Mon Sep 17 00:00:00 2001 +From: John Schanck <[email protected]> +Date: Mon, 20 May 2024 18:46:14 +0000 +Subject: [PATCH] Bug 1895032 - remove redundant AllocItem implementation. + r=nss-reviewers,rrelyea + +Differential Revision: https://phabricator.services.mozilla.com/D209476 + +--HG-- +extra : moz-landing-system : lando + +CVE: CVE-2024-6602 +Upstream-Status: Backport [https://hg.mozilla.org/projects/nss/rev/f9b22115dc97be76e388dc9d0dca946dde955e64] +Signed-off-by: Peter Marko <[email protected]> +--- + nss/lib/util/secitem.c | 23 ++++------------------- + 1 file changed, 4 insertions(+), 19 deletions(-) + +diff --git a/nss/lib/util/secitem.c b/nss/lib/util/secitem.c +index cd6996178..6ba11a551 100644 +--- a/nss/lib/util/secitem.c ++++ b/nss/lib/util/secitem.c +@@ -238,35 +238,20 @@ SECITEM_ArenaDupItem(PLArenaPool *arena, const SECItem *from) + SECItem *to; + + if (from == NULL) { +- return (NULL); ++ return NULL; + } + +- if (arena != NULL) { +- to = (SECItem *)PORT_ArenaAlloc(arena, sizeof(SECItem)); +- } else { +- to = (SECItem *)PORT_Alloc(sizeof(SECItem)); +- } ++ to = SECITEM_AllocItem(arena, NULL, from->len); + if (to == NULL) { +- return (NULL); ++ return NULL; + } + +- if (arena != NULL) { +- to->data = (unsigned char *)PORT_ArenaAlloc(arena, from->len); +- } else { +- to->data = (unsigned char *)PORT_Alloc(from->len); +- } +- if (to->data == NULL) { +- PORT_Free(to); +- return (NULL); +- } +- +- to->len = from->len; + to->type = from->type; + if (to->len) { + PORT_Memcpy(to->data, from->data, to->len); + } + +- return (to); ++ return to; + } + + SECStatus +-- +2.30.2 + diff --git a/meta-oe/recipes-support/nss/nss_3.74.bb b/meta-oe/recipes-support/nss/nss_3.74.bb index cffeee5ecb..464a353ff7 100644 --- a/meta-oe/recipes-support/nss/nss_3.74.bb +++ b/meta-oe/recipes-support/nss/nss_3.74.bb @@ -37,6 +37,7 @@ SRC_URI = "http://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/${VERSIO file://CVE-2023-0767.patch \ file://0001-Bug-1750624-Pin-validation-date-for-PayPalEE-test-ce.patch \ file://regenerate_NameConstrain_test_certificates.tar.gz \ + file://CVE-2024-6602.patch \ " SRC_URI[sha256sum] = "88928811f9f40f87d42e2eaccdf6e454562e51486067f2ddbe90aa47ea6cd056" -- 2.30.2
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#113334): https://lists.openembedded.org/g/openembedded-devel/message/113334 Mute This Topic: https://lists.openembedded.org/mt/109286619/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
