code.ossystems Code Review - openembedded-core.git/commit

author	Li Wang <li.wang@windriver.com>
	Mon, 19 May 2014 05:42:53 +0000 (13:42 +0800)
committer	Richard Purdie <richard.purdie@linuxfoundation.org>
	Thu, 29 May 2014 12:42:11 +0000 (13:42 +0100)
commit	9f5402d5e40b82213fdfc09fcfc71d22f8bf5a0e
tree	6a964695910ff80c51e059bacdac66c65f99701b	tree \| snapshot
parent	65ebe470a8d69073d0ebce3111abdb0c2e2ebe3c	commit \| diff

nss: CVE-2013-1740

the patch comes from:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1740
https://bugzilla.mozilla.org/show_bug.cgi?id=919877
https://bugzilla.mozilla.org/show_bug.cgi?id=713933

changeset:   10946:f28426e944ae
user:        Wan-Teh Chang <wtc@google.com>
date:        Tue Nov 26 16:44:39 2013 -0800
summary:     Bug 713933: Handle the return value of both ssl3_HandleRecord calls

changeset:   10945:774c7dec7565
user:        Wan-Teh Chang <wtc@google.com>
date:        Mon Nov 25 19:16:23 2013 -0800
summary:     Bug 713933: Declare the |falseStart| local variable in the smallest

changeset:   10848:141fae8fb2e8
user:        Wan-Teh Chang <wtc@google.com>
date:        Mon Sep 23 11:25:41 2013 -0700
summary:     Bug 681839: Allow SSL_HandshakeNegotiatedExtension to be called before the handshake is finished, r=brian@briansmith.org

changeset:   10898:1b9c43d28713
user:        Brian Smith <brian@briansmith.org>
date:        Thu Oct 31 15:40:42 2013 -0700
summary:     Bug 713933: Make SSL False Start work with asynchronous certificate validation, r=wtc

(From OE-Core rev: 11e728e64e37eec72ed0cb3fb4d5a49ddeb88666)

Signed-off-by: Li Wang <li.wang@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

meta/recipes-support/nss/files/nss-CVE-2013-1740.patch	[new file with mode: 0644]	blob
meta/recipes-support/nss/nss.inc		diff \| blob \| history