Closed
Bug 1762489
Opened 2 years ago
Closed 2 years ago
Update zlib in NSS to 1.2.12
Categories
(NSS :: Libraries, task, P1)
NSS
Libraries
Tracking
(Not tracked)
RESOLVED
FIXED
3.78
People
(Reporter: jschanck, Assigned: jschanck)
References
Details
Attachments
(1 file)
In light of CVE-2018-25032, we should upgrade the copy of zlib in the NSS tree to v1.2.12. NSS no longer uses zlib in libssl, but it still uses it in modutil and signtool. I believe that only signtool calls deflate
, so we don't have much exposure to the vulnerability.
NSS was previously upgraded to zlib v1.2.11 in Bug 1547639.
Assignee | ||
Comment 1•2 years ago
|
||
Assignee | ||
Comment 2•2 years ago
|
||
Status: NEW → RESOLVED
Closed: 2 years ago
Resolution: --- → FIXED
Target Milestone: --- → 3.78
You need to log in
before you can comment on or make changes to this bug.
Description
•