4840fc1bda
nss is vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures. We update nss packages and nspr to the latest centos7 versions. *** Testing *** To be sure we will work with existing databases, before updating, create a database. $ mkdir arf $ echo "Pword22*" > arf/pass. $ certutil -N -d arf -f arf/pass $ certutil -G -d arf -f arf/pass # put a key pair in the database Save the arf directory. Install an iso with the updated nss packages. Import arf. Then... $ certutil -K -d arf -f arf/pass # display the keyID $ certutil -G -d arf -f arf/pass # add a key $ certutil -K -d arf -f arf/pass # display both keyID's *** Closes-bug: 1957929 Change-Id: I960e42d1e361dace4443d6a052fe06206c6675dd Signed-off-by: Joe Slater <joe.slater@windriver.com> |
||
---|---|---|
.. | ||
compiler | ||
containers | ||
distro | ||
flock | ||
mock |