495a5944a3
Fixes CVE-2020-6829, CVE-2020-12400 CVE-2020-12401 CVE-2020-12403. (also CVE-2020-12402 CVE-2020-12399 in older releases since 3.47) * external/nss/nss.nspr-parallel-win-debug_build.patch: remove, merged upstream Change-Id: I8b48e25ce68a2327cde1420abdaea8f9e51a7888 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/100345 Tested-by: Jenkins Reviewed-by: Michael Stahl <michael.stahl@cib.de>
25 lines
1 KiB
Text
25 lines
1 KiB
Text
--- nspr/pr/src/linking/prlink.c
|
|
+++ nspr/pr/src/linking/prlink.c
|
|
@@ -799,7 +799,7 @@
|
|
* The reason is that DARWIN's dlopen ignores the provided path
|
|
* and checks for the plain filename in DYLD_LIBRARY_PATH,
|
|
* which could load an unexpected version of a library. */
|
|
- if (strchr(name, PR_DIRECTORY_SEPARATOR) == NULL) {
|
|
+ if (strchr(name, PR_DIRECTORY_SEPARATOR) == NULL || strncmp(name, "@loader_path/", 13) == 0) {
|
|
/* no slash, allow to load from any location */
|
|
okToLoad = PR_TRUE;
|
|
} else {
|
|
--- nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_httpcertstore.c
|
|
+++ nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_httpcertstore.c
|
|
@@ -224,7 +224,11 @@
|
|
static PRStatus PR_CALLBACK pkix_getDecodeFunction(void)
|
|
{
|
|
pkix_decodeFunc.smimeLib =
|
|
+#if defined DARWIN
|
|
+ PR_LoadLibrary("@loader_path/" SHLIB_PREFIX"smime3."SHLIB_SUFFIX);
|
|
+#else
|
|
PR_LoadLibrary(SHLIB_PREFIX"smime3."SHLIB_SUFFIX);
|
|
+#endif
|
|
if (pkix_decodeFunc.smimeLib == NULL) {
|
|
return PR_FAILURE;
|
|
}
|