feat: update nss to 2:3.110-1+deb13u2

debian/changelog

@@ -1,8 +1,49 @@
-nss (2:3.105-2deepin1) unstable; urgency=medium
+nss (2:3.110-1+deb13u2) trixie-security; urgency=medium
 
-  * fix CVE-2026-2781 
+  * CVE-2026-6766
+  * CVE-2026-6767
+  * CVE-2026-6772
 
- -- zengwei <zengwei1@uniontech.com>  Sat, 28 Feb 2026 10:09:36 +0800
+ -- Moritz Mühlenhoff <jmm@debian.org>  Sun, 17 May 2026 18:37:16 +0200
+
+nss (2:3.110-1+deb13u1) trixie-security; urgency=medium
+
+  * CVE-2026-2781
+
+ -- Moritz Mühlenhoff <jmm@debian.org>  Wed, 25 Feb 2026 20:47:21 +0100
+
+nss (2:3.110-1) unstable; urgency=medium
+
+  * New upstream release.
+  * debian/libnss3.symbols: Add NSS_3.110 symbol version.
+
+ -- Mike Hommey <glandium@debian.org>  Wed, 02 Apr 2025 08:39:10 +0900
+
+nss (2:3.109-1) unstable; urgency=medium
+
+  * New upstream release.
+
+ -- Mike Hommey <glandium@debian.org>  Wed, 05 Mar 2025 06:13:17 +0900
+
+nss (2:3.108-1) unstable; urgency=medium
+
+  * New upstream release.
+  * debian/libnss3.symbols: Add NSS_3.107 (not a typo) and NSSUTIL_3.108
+    symbol versions.
+
+ -- Mike Hommey <glandium@debian.org>  Sun, 16 Feb 2025 05:02:59 +0900
+
+nss (2:3.107-1) unstable; urgency=medium
+
+  * New upstream release.
+
+ -- Mike Hommey <glandium@debian.org>  Wed, 08 Jan 2025 07:35:40 +0900
+
+nss (2:3.106-1) unstable; urgency=medium
+
+  * New upstream release.
+
+ -- Mike Hommey <glandium@debian.org>  Tue, 19 Nov 2024 07:29:02 +0900
 
 nss (2:3.105-2) unstable; urgency=medium
 

debian/libnss3.symbols

@@ -22,6 +22,9 @@ libnss3.so libnss3 #MINVER#
  (symver)NSS_3.10 2:3.13.4-2~
  (symver)NSS_3.10.2 2:3.13.4-2~
  (symver)NSS_3.101 2:3.101
+# This is not a typo.
+ (symver)NSS_3.107 2:3.108
+ (symver)NSS_3.110 2:3.110
  (symver)NSS_3.11 2:3.13.4-2~
  (symver)NSS_3.11.1 2:3.13.4-2~
  (symver)NSS_3.11.2 2:3.13.4-2~
@@ -101,6 +104,7 @@ libnssdbm3.so libnss3 #MINVER#
 libnssutil3.so libnss3 #MINVER#
 * Build-Depends-Package: libnss3-dev
  (symver)NSSUTIL_3.101 2:3.101
+ (symver)NSSUTIL_3.108 2:3.108
  (symver)NSSUTIL_3.12 2:3.13.4-2~
  (symver)NSSUTIL_3.12.3 2:3.13.4-2~
  (symver)NSSUTIL_3.12.5 2:3.13.4-2~

debian/patches/CVE-2026-2781.patch

@@ -1,17 +1,15 @@
-From b7159ee944072fb04a0990ace2f9326cf85ece5f Mon Sep 17 00:00:00 2001
-From: zengwei <zengwei1@uniontech.com>
-Date: Sat, 28 Feb 2026 10:08:57 +0800
-Subject: [PATCH] CVE-2026-2781
+# HG changeset patch
+# User John Schanck <jschanck@mozilla.com>
+# Date 1770830509 0
+# Node ID 245385e16fa62111d6e3c3fbd847b020755f64f0
+# Parent  76e6887ecc1a5410233ad9c5f4cadae4e298a37b
+Bug 2009552 - avoid integer overflow in platform-independent ghash. r=nss-reviewers,nkulatova
 
----
- nss/lib/freebl/gcm.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
+Differential Revision: https://phabricator.services.mozilla.com/D278681
 
-diff --git a/nss/lib/freebl/gcm.c b/nss/lib/freebl/gcm.c
-index d728867..e087cc4 100644
---- a/nss/lib/freebl/gcm.c
-+++ b/nss/lib/freebl/gcm.c
-@@ -353,7 +353,7 @@ gcmHash_Update(gcmHashContext *ghash, const unsigned char *buf,
+--- nss-3.110.orig/nss/lib/freebl/gcm.c
++++ nss-3.110/nss/lib/freebl/gcm.c
+@@ -357,7 +357,7 @@ gcmHash_Update(gcmHashContext *ghash, co
      unsigned int blocks;
      SECStatus rv;
 
@@ -20,6 +18,3 @@ index d728867..e087cc4 100644
 
      /* first deal with the current buffer of data. Try to fill it out so
       * we can hash it */
--- 
-2.20.1
-

debian/patches/CVE-2026-6766.patch

@@ -0,0 +1,22 @@
+# HG changeset patch
+# User John Schanck <jschanck@mozilla.com>
+# Date 1773760657 0
+# Node ID 42da9a7f8a035849ba92e89dd095d4219a3e1d3d
+# Parent  2d03bf59ca4feacb31a30923f730f549f25332e8
+Bug 2023207 - Fix integer underflow in tls13_AEAD when ciphertext is shorter than tag. r=#nss-reviewers
+
+Differential Revision: https://phabricator.services.mozilla.com/D287662
+
+--- nss-3.110.orig/nss/lib/ssl/tls13con.c
++++ nss-3.110/nss/lib/ssl/tls13con.c
+@@ -4988,6 +4988,10 @@ tls13_AEAD(PK11Context *context, PRBool
+         PORT_Memcpy(ivOut, ivIn, ivLen);
+     }
+     if (decrypt) {
++        if (inLen < tagLen) {
++            PORT_SetError(SEC_ERROR_INPUT_LEN);
++            return SECFailure;
++        }
+         inLen = inLen - tagLen;
+         tag = (unsigned char *)in + inLen;
+         /* tag is const on decrypt, but returned on encrypt */

debian/patches/CVE-2026-6767.patch

@@ -0,0 +1,239 @@
+
+# HG changeset patch
+# User Dana Keeler <dkeeler@mozilla.com>
+# Date 1773854548 0
+# Node ID 4e693e8b5c0db30ee8e0043edabcf9787a747aa8
+# Parent  42da9a7f8a035849ba92e89dd095d4219a3e1d3d
+Bug 2023209 - ensure permittedSubtrees don't match wildcards that could be outside the permitted tree r?jschanck
+
+Differential Revision: https://phabricator.services.mozilla.com/D287712
+
+--- nss-3.110.orig/nss/gtests/mozpkix_gtest/pkixnames_tests.cpp
++++ nss-3.110/nss/gtests/mozpkix_gtest/pkixnames_tests.cpp
+@@ -2132,6 +2132,45 @@ static const NameConstraintParams NAME_C
+     Result::ERROR_BAD_DER, Result::ERROR_BAD_DER
+   },
+
++  // Wildcard SANs have subtle outcomes.
++  { ByteString(), DNSName("*.example.com"),
++    GeneralSubtree(DNSName(".example.com")),
++    Success,
++    Result::ERROR_CERT_NOT_IN_NAME_SPACE
++  },
++  { ByteString(), DNSName("*.example.com"),
++    GeneralSubtree(DNSName("example.com")),
++    Success,
++    Result::ERROR_CERT_NOT_IN_NAME_SPACE
++  },
++  // A certificate with a wildcard SAN entry like `*.example.com` can't be
++  // issued by a CA with a DNSName name constraint entry like `foo.example.com`
++  // in either the permitted or excluded subtrees. If in the permitted subtree,
++  // the certificate would be valid for `bar.example.com`, which would violate
++  // the constraint. If in the excluded subtree, the certificate would be valid
++  // for `foo.example.com`, which would violate the constraint.
++  { ByteString(), DNSName("*.example.com"),
++    GeneralSubtree(DNSName("foo.example.com")),
++    Result::ERROR_CERT_NOT_IN_NAME_SPACE,
++    Result::ERROR_CERT_NOT_IN_NAME_SPACE
++  },
++  { ByteString(), DNSName("*.foo.example.com"),
++    GeneralSubtree(DNSName("example.com")),
++    Success,
++    Result::ERROR_CERT_NOT_IN_NAME_SPACE
++  },
++  { ByteString(), DNSName("*.example.com"),
++    GeneralSubtree(DNSName("foo.example.org")),
++    Result::ERROR_CERT_NOT_IN_NAME_SPACE,
++    Success
++  },
++  // `*invalid.example.com` is an invalid presented DNSID.
++  { ByteString(), DNSName("*invalid.example.com"),
++    GeneralSubtree(DNSName("invalid.example.com")),
++    Result::ERROR_BAD_DER,
++    Result::ERROR_BAD_DER
++  },
++
+   /////////////////////////////////////////////////////////////////////////////
+   // Basic IP Address constraints (non-CN-ID)
+
+--- nss-3.110.orig/nss/lib/mozpkix/lib/pkixnames.cpp
++++ nss-3.110/nss/lib/mozpkix/lib/pkixnames.cpp
+@@ -172,6 +172,12 @@ enum class IDRole
+   NameConstraint = 2,
+ };
+
++enum class NameConstraintsSubtrees : uint8_t
++{
++  permittedSubtrees = der::CONSTRUCTED | der::CONTEXT_SPECIFIC | 0,
++  excludedSubtrees  = der::CONSTRUCTED | der::CONTEXT_SPECIFIC | 1
++};
++
+ enum class AllowWildcards { No = 0, Yes = 1 };
+
+ // DNSName constraints implicitly allow subdomain matching when there is no
+@@ -184,16 +190,22 @@ enum class AllowDotlessSubdomainMatches
+ bool IsValidDNSID(Input hostname, IDRole idRole,
+                   AllowWildcards allowWildcards);
+
++// `subtreesType` is relevant only when `referenceDNSIDRole` is
++// `IDRole::NameConstraint`.
+ Result MatchPresentedDNSIDWithReferenceDNSID(
+          Input presentedDNSID,
+          AllowWildcards allowWildcards,
+          AllowDotlessSubdomainMatches allowDotlessSubdomainMatches,
+          IDRole referenceDNSIDRole,
++         /*optional*/ const NameConstraintsSubtrees* subtreesType,
+          Input referenceDNSID,
+          /*out*/ bool& matches);
+
++// `subtreesType` is relevant only when `referenceDNSIDRole` is
++// `IDRole::NameConstraint`.
+ Result MatchPresentedRFC822NameWithReferenceRFC822Name(
+          Input presentedRFC822Name, IDRole referenceRFC822NameRole,
++         /*optional*/ const NameConstraintsSubtrees* subtreesType,
+          Input referenceRFC822Name, /*out*/ bool& matches);
+
+ } // namespace
+@@ -212,7 +224,7 @@ MatchPresentedDNSIDWithReferenceDNSID(In
+   return MatchPresentedDNSIDWithReferenceDNSID(
+            presentedDNSID, AllowWildcards::Yes,
+            AllowDotlessSubdomainMatches::Yes, IDRole::ReferenceID,
+-           referenceDNSID, matches);
++           nullptr, referenceDNSID, matches);
+ }
+
+ // Verify that the given end-entity cert, which is assumed to have been already
+@@ -731,7 +743,7 @@ MatchPresentedIDWithReferenceID(GeneralN
+       rv = MatchPresentedDNSIDWithReferenceDNSID(
+              presentedID, AllowWildcards::Yes,
+              AllowDotlessSubdomainMatches::Yes, IDRole::ReferenceID,
+-             referenceID, foundMatch);
++             nullptr, referenceID, foundMatch);
+       break;
+
+     case GeneralNameType::iPAddress:
+@@ -741,7 +753,7 @@ MatchPresentedIDWithReferenceID(GeneralN
+
+     case GeneralNameType::rfc822Name:
+       rv = MatchPresentedRFC822NameWithReferenceRFC822Name(
+-             presentedID, IDRole::ReferenceID, referenceID, foundMatch);
++             presentedID, IDRole::ReferenceID, nullptr, referenceID, foundMatch);
+       break;
+
+     case GeneralNameType::directoryName:
+@@ -767,20 +779,16 @@ MatchPresentedIDWithReferenceID(GeneralN
+   return Success;
+ }
+
+-enum class NameConstraintsSubtrees : uint8_t
+-{
+-  permittedSubtrees = der::CONSTRUCTED | der::CONTEXT_SPECIFIC | 0,
+-  excludedSubtrees  = der::CONSTRUCTED | der::CONTEXT_SPECIFIC | 1
+-};
+-
+ Result CheckPresentedIDConformsToNameConstraintsSubtrees(
+          GeneralNameType presentedIDType,
+          Input presentedID,
+          Reader& nameConstraints,
+          NameConstraintsSubtrees subtreesType);
++
+ Result MatchPresentedIPAddressWithConstraint(Input presentedID,
+                                              Input iPAddressConstraint,
+                                              /*out*/ bool& foundMatch);
++
+ Result MatchPresentedDirectoryNameWithConstraint(
+          NameConstraintsSubtrees subtreesType, Input presentedID,
+          Input directoryNameConstraint, /*out*/ bool& matches);
+@@ -886,7 +894,7 @@ CheckPresentedIDConformsToNameConstraint
+           rv = MatchPresentedDNSIDWithReferenceDNSID(
+                  presentedID, AllowWildcards::Yes,
+                  AllowDotlessSubdomainMatches::Yes, IDRole::NameConstraint,
+-                 base, matches);
++                 &subtreesType, base, matches);
+           if (rv != Success) {
+             return rv;
+           }
+@@ -911,7 +919,7 @@ CheckPresentedIDConformsToNameConstraint
+
+         case GeneralNameType::rfc822Name:
+           rv = MatchPresentedRFC822NameWithReferenceRFC822Name(
+-                 presentedID, IDRole::NameConstraint, base, matches);
++                 presentedID, IDRole::NameConstraint, &subtreesType, base, matches);
+           if (rv != Success) {
+             return rv;
+           }
+@@ -1094,6 +1102,7 @@ MatchPresentedDNSIDWithReferenceDNSID(
+   AllowWildcards allowWildcards,
+   AllowDotlessSubdomainMatches allowDotlessSubdomainMatches,
+   IDRole referenceDNSIDRole,
++  /*optional*/ const NameConstraintsSubtrees* subtreesType,
+   Input referenceDNSID,
+   /*out*/ bool& matches)
+ {
+@@ -1184,18 +1193,28 @@ MatchPresentedDNSIDWithReferenceDNSID(
+       return NotReached("Skipping '*' failed",
+                         Result::FATAL_ERROR_LIBRARY_FAILURE);
+     }
+-    do {
+-      // This will happen if reference is a single, relative label
+-      if (reference.AtEnd()) {
+-        matches = false;
+-        return Success;
+-      }
+-      uint8_t referenceByte;
+-      if (reference.Read(referenceByte) != Success) {
+-        return NotReached("invalid reference ID",
+-                          Result::FATAL_ERROR_INVALID_ARGS);
+-      }
+-    } while (!reference.Peek('.'));
++    // For the permittedSubtrees of a name constraint, wildcard presented
++    // DNSIDs of the form `*.example.com` only match if the name constraint is
++    // of the form `.example.com` or `example.com`. To put it another way, a
++    // permittedSubtrees of `foo.example.com` does not match a wildcard
++    // presented DNSID of `*.example.com`, because in that case, the
++    // certificate could be valid for `bar.example.com`, which does not match
++    // the name constraint.
++    if (referenceDNSIDRole != IDRole::NameConstraint ||
++        (subtreesType && *subtreesType != NameConstraintsSubtrees::permittedSubtrees)) {
++      do {
++        // This will happen if reference is a single, relative label
++        if (reference.AtEnd()) {
++          matches = false;
++          return Success;
++        }
++        uint8_t referenceByte;
++        if (reference.Read(referenceByte) != Success) {
++          return NotReached("invalid reference ID",
++                            Result::FATAL_ERROR_INVALID_ARGS);
++        }
++      } while (!reference.Peek('.'));
++    }
+   }
+
+   for (;;) {
+@@ -1552,11 +1571,13 @@ IsValidRFC822Name(Input input)
+   }
+ }
+
++// `subtreesType` is relevant only when `referenceRFC822NameRole` is
++// `IDRole::NameConstraint`.
+ Result
+-MatchPresentedRFC822NameWithReferenceRFC822Name(Input presentedRFC822Name,
+-                                                IDRole referenceRFC822NameRole,
+-                                                Input referenceRFC822Name,
+-                                                /*out*/ bool& matches)
++MatchPresentedRFC822NameWithReferenceRFC822Name(
++  Input presentedRFC822Name, IDRole referenceRFC822NameRole,
++  /*optional*/ const NameConstraintsSubtrees* subtreesType,
++  Input referenceRFC822Name, /*out*/ bool& matches)
+ {
+   if (!IsValidRFC822Name(presentedRFC822Name)) {
+     return Result::ERROR_BAD_DER;
+@@ -1599,6 +1620,7 @@ MatchPresentedRFC822NameWithReferenceRFC
+       return MatchPresentedDNSIDWithReferenceDNSID(
+                presentedDNSID, AllowWildcards::No,
+                AllowDotlessSubdomainMatches::No, IDRole::NameConstraint,
++               subtreesType,
+                referenceRFC822Name, matches);
+     }
+   }