[3.2] nspr: heap-buffer overflow in PL_ARENA_ALLOCATE (CVE-2015-7183)
Integer overflow in the PL_ARENA_ALLOCATE implementation in Netscape
Portable Runtime (NSPR) in Mozilla Network Security Services (NSS)
before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox before 42.0
and Firefox ESR 38.x before 38.4 and other products,
allows remote attackers to execute arbitrary code or cause a denial of
service (memory corruption and application crash) via unspecified
vectors.
The problem has been fixed upstream in version 4.10.10.
References:
https://www.mozilla.org/en-US/security/advisories/mfsa2015-133/
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-7183
Upstream commits:
http://hg.mozilla.org/projects/nspr/rev/c9c965b2b19c
http://hg.mozilla.org/projects/nspr/rev/bd8fb4498fa6
(from redmine: issue id 4848, created on 2015-11-11, closed on 2015-12-01)
- Relations:
  - parent #4847 (closed)
- Changesets:
  - Revision 69fb0e1f by Natanael Copa on 2015-11-30T14:30:15Z:
    main/nspr: security upgrade to 4.10.10 (CVE-2015-7183)
    fixes #4848