nss: patch CVE-2024-6602

Pick the same patch as Debian took for bullseye. Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
author: Peter Marko <peter.marko@siemens.com> 2024-10-29 23:12:38 +0100
committer: Armin Kuster <akuster808@gmail.com> 2024-11-09 14:37:32 -0500
commit: 8ad3c43248b35fa0fb1abc805c73c3bb65a63f58 (patch)
tree: 6b2c78fd9cbe15becf6ff356d731601b3007662c
parent: 1d2878df6c49d3125fa291b183bf3970bbadb9bf (diff)
download: meta-openembedded-8ad3c43248b35fa0fb1abc805c73c3bb65a63f58.tar.gz
2 files changed, 66 insertions, 0 deletions
diff --git a/meta-oe/recipes-support/nss/nss/CVE-2024-6602.patch b/meta-oe/recipes-support/nss/nss/CVE-2024-6602.patch
new file mode 100644
index 0000000000..f75d822d03
--- /dev/null
+++ b/meta-oe/recipes-support/nss/nss/CVE-2024-6602.patch
@@ -0,0 +1,65 @@
+From 7804e99346339bb31f801a2fcba63b6fbd8bca4a Mon Sep 17 00:00:00 2001
+From: John Schanck <jschanck@mozilla.com>
+Date: Mon, 20 May 2024 18:46:14 +0000
+Subject: [PATCH] Bug 1895032 - remove redundant AllocItem implementation.
+ r=nss-reviewers,rrelyea
+Differential Revision: https://phabricator.services.mozilla.com/D209476
+--HG--
+extra : moz-landing-system : lando
+CVE: CVE-2024-6602
+Upstream-Status: Backport [https://hg.mozilla.org/projects/nss/rev/f9b22115dc97be76e388dc9d0dca946dde955e64]
+Signed-off-by: Peter Marko <peter.marko@siemens.com>
+---
+ nss/lib/util/secitem.c | 23 ++++-------------------
+ 1 file changed, 4 insertions(+), 19 deletions(-)
+diff --git a/nss/lib/util/secitem.c b/nss/lib/util/secitem.c
+index cd6996178..6ba11a551 100644
+--- a/nss/lib/util/secitem.c
+++ b/nss/lib/util/secitem.c
+@@ -238,35 +238,20 @@ SECITEM_ArenaDupItem(PLArenaPool *arena, const SECItem *from)
+     SECItem *to;
+ 
+     if (from == NULL) {
+-        return (NULL);
+        return NULL;
+     }
+ 
+-    if (arena != NULL) {
+-        to = (SECItem *)PORT_ArenaAlloc(arena, sizeof(SECItem));
+-    } else {
+-        to = (SECItem *)PORT_Alloc(sizeof(SECItem));
+-    }
+    to = SECITEM_AllocItem(arena, NULL, from->len);
+     if (to == NULL) {
+-        return (NULL);
+        return NULL;
+     }
+ 
+-    if (arena != NULL) {
+-        to->data = (unsigned char *)PORT_ArenaAlloc(arena, from->len);
+-    } else {
+-        to->data = (unsigned char *)PORT_Alloc(from->len);
+-    }
+-    if (to->data == NULL) {
+-        PORT_Free(to);
+-        return (NULL);
+-    }
+-
+-    to->len = from->len;
+     to->type = from->type;
+     if (to->len) {
+         PORT_Memcpy(to->data, from->data, to->len);
+     }
+ 
+-    return (to);
+    return to;
+ }
+ 
+ SECStatus
+-- 
+2.30.2
diff --git a/meta-oe/recipes-support/nss/nss_3.98.bb b/meta-oe/recipes-support/nss/nss_3.98.bb
index 01501362e2..b3ad6133b6 100644
--- a/meta-oe/recipes-support/nss/nss_3.98.bb
+++ b/meta-oe/recipes-support/nss/nss_3.98.bb
@@ -32,6 +32,7 @@ SRC_URI = "http://ftp.mozilla.org/pub/security/nss/releases/${VERSION_DIR}/src/$
           file://system-pkcs11.txt \
           file://nss-fix-nsinstall-build.patch \
           file://0001-freebl-add-a-configure-option-to-disable-ARM-HW-cryp.patch \
+           file://CVE-2024-6602.patch \
           "
 SRC_URI[sha256sum] = "f549cc33d35c0601674bfacf7c6ad683c187595eb4125b423238d3e9aa4209ce"
author	Peter Marko <peter.marko@siemens.com>	2024-10-29 23:12:38 +0100
committer	Armin Kuster <akuster808@gmail.com>	2024-11-09 14:37:32 -0500
commit	8ad3c43248b35fa0fb1abc805c73c3bb65a63f58 (patch)
tree	6b2c78fd9cbe15becf6ff356d731601b3007662c
parent	1d2878df6c49d3125fa291b183bf3970bbadb9bf (diff)
download	meta-openembedded-8ad3c43248b35fa0fb1abc805c73c3bb65a63f58.tar.gz

diff --git a/meta-oe/recipes-support/nss/nss/CVE-2024-6602.patch b/meta-oe/recipes-support/nss/nss/CVE-2024-6602.patch new file mode 100644 index 0000000000..f75d822d03 --- /dev/null +++ b/meta-oe/recipes-support/nss/nss/CVE-2024-6602.patch
@@ -0,0 +1,65 @@
		1	From 7804e99346339bb31f801a2fcba63b6fbd8bca4a Mon Sep 17 00:00:00 2001
		2	From: John Schanck <jschanck@mozilla.com>
		3	Date: Mon, 20 May 2024 18:46:14 +0000
		4	Subject: [PATCH] Bug 1895032 - remove redundant AllocItem implementation.
		5	r=nss-reviewers,rrelyea
		6
		7	Differential Revision: https://phabricator.services.mozilla.com/D209476
		8
		9	--HG--
		10	extra : moz-landing-system : lando
		11
		12	CVE: CVE-2024-6602
		13	Upstream-Status: Backport [https://hg.mozilla.org/projects/nss/rev/f9b22115dc97be76e388dc9d0dca946dde955e64]
		14	Signed-off-by: Peter Marko <peter.marko@siemens.com>
		15	---
		16	nss/lib/util/secitem.c \| 23 ++++-------------------
		17	1 file changed, 4 insertions(+), 19 deletions(-)
		18
		19	diff --git a/nss/lib/util/secitem.c b/nss/lib/util/secitem.c
		20	index cd6996178..6ba11a551 100644
		21	--- a/nss/lib/util/secitem.c
		22	+++ b/nss/lib/util/secitem.c
		23	@@ -238,35 +238,20 @@ SECITEM_ArenaDupItem(PLArenaPool arena, const SECItem from)
		24	SECItem *to;
		25
		26	if (from == NULL) {
		27	- return (NULL);
		28	+ return NULL;
		29	}
		30
		31	- if (arena != NULL) {
		32	- to = (SECItem *)PORT_ArenaAlloc(arena, sizeof(SECItem));
		33	- } else {
		34	- to = (SECItem *)PORT_Alloc(sizeof(SECItem));
		35	- }
		36	+ to = SECITEM_AllocItem(arena, NULL, from->len);
		37	if (to == NULL) {
		38	- return (NULL);
		39	+ return NULL;
		40	}
		41
		42	- if (arena != NULL) {
		43	- to->data = (unsigned char *)PORT_ArenaAlloc(arena, from->len);
		44	- } else {
		45	- to->data = (unsigned char *)PORT_Alloc(from->len);
		46	- }
		47	- if (to->data == NULL) {
		48	- PORT_Free(to);
		49	- return (NULL);
		50	- }
		51	-
		52	- to->len = from->len;
		53	to->type = from->type;
		54	if (to->len) {
		55	PORT_Memcpy(to->data, from->data, to->len);
		56	}
		57
		58	- return (to);
		59	+ return to;
		60	}
		61
		62	SECStatus
		63	--
		64	2.30.2
		65


diff --git a/meta-oe/recipes-support/nss/nss_3.98.bb b/meta-oe/recipes-support/nss/nss_3.98.bb index 01501362e2..b3ad6133b6 100644 --- a/meta-oe/recipes-support/nss/nss_3.98.bb +++ b/meta-oe/recipes-support/nss/nss_3.98.bb
@@ -32,6 +32,7 @@ SRC_URI = "http://ftp.mozilla.org/pub/security/nss/releases/${VERSION_DIR}/src/$
32	file://system-pkcs11.txt \	32	file://system-pkcs11.txt \
33	file://nss-fix-nsinstall-build.patch \	33	file://nss-fix-nsinstall-build.patch \
34	file://0001-freebl-add-a-configure-option-to-disable-ARM-HW-cryp.patch \	34	file://0001-freebl-add-a-configure-option-to-disable-ARM-HW-cryp.patch \
		35	file://CVE-2024-6602.patch \
35	"	36	"
36	SRC_URI[sha256sum] = "f549cc33d35c0601674bfacf7c6ad683c187595eb4125b423238d3e9aa4209ce"	37	SRC_URI[sha256sum] = "f549cc33d35c0601674bfacf7c6ad683c187595eb4125b423238d3e9aa4209ce"
37		38