GNU bug report logs - #52228
NSS CVE-2021-43527 "memory corruption validating dsa/rsa-pss signatures"

Previous Next

Package: guix;

Reported by: Leo Famulari <leo <at> famulari.name>

Date: Wed, 1 Dec 2021 17:35:02 UTC

Severity: normal

Done: Maxim Cournoyer <maxim.cournoyer <at> gmail.com>

Bug is archived. No further changes may be made.

Full log

View this message in rfc822 format

From: Leo Famulari <leo <at> famulari.name>
To: Mark H Weaver <mhw <at> netris.org>
Cc: 52228 <at> debbugs.gnu.org
Subject: bug#52228: NSS CVE-2021-43527 "memory corruption validating dsa/rsa-pss signatures"
Date: Sat, 4 Dec 2021 23:43:23 -0500

On Fri, Dec 03, 2021 at 07:28:18PM -0500, Mark H Weaver wrote:
> Hi,
> 
> For the record, I've pushed commits
> 080a5de2eeb5e0da83ae9fd94488508d5227c4e3 and
> d49e7a592f2f12cd1f9e07edfeebe0a2771f491e to the 'master' branch, which I
> believe should fix this issue in our 'nss', 'icecat', 'icedove',
> 'icedove-wayland', and 'geierlein' packages.

Thanks for working on it, Mark.

> Does anyone know if there are other packages in Guix that include a
> bundled copy of NSS?  If not, I guess this bug can be closed.

Personally I don't know... I hope not. Let's wait a couple more days
before closing.

This bug report was last modified 3 years and 60 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.

GNU bug report logs - #52228 NSS CVE-2021-43527 "memory corruption validating dsa/rsa-pss signatures"

GNU bug report logs - #52228
NSS CVE-2021-43527 "memory corruption validating dsa/rsa-pss signatures"