nss: add 3.73 (#27767)

2021-12-03 00:55:57 +01:00 · 2021-12-03 00:55:57 +01:00 · fbd67feead
commit fbd67feead
parent edb971a10e
1 changed files with 8 additions and 1 deletions
--- a/var/spack/repos/builtin/packages/nss/package.py
+++ b/var/spack/repos/builtin/packages/nss/package.py
@ -16,7 +16,9 @@ class Nss(MakefilePackage):
    homepage = "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS"
    url      = "https://ftp.mozilla.org/pub/security/nss/releases/NSS_3_67_RTM/src/nss-3.67.tar.gz"

-    version('3.67', sha256='f6549a9148cd27b394b40c77fa73111d5ea23cdb51d796665de1b7458f88ce7f')
+    version('3.73', sha256='566d3a68da9b10d7da9ef84eb4fe182f8f04e20d85c55d1bf360bb2c0096d8e5')
+    # Everything before 3.73 is vulnerable (CVE-2021-43527)
+    version('3.67', sha256='f6549a9148cd27b394b40c77fa73111d5ea23cdb51d796665de1b7458f88ce7f', deprecated=True)

    depends_on('nspr@4.24:')
    depends_on('sqlite')
@ -26,6 +28,11 @@ class Nss(MakefilePackage):

    build_directory = 'nss'

+    def url_for_version(self, version):
+        url = 'https://ftp.mozilla.org/pub/security/nss/releases/NSS_{0}_RTM/src/nss-{1}.tar.gz'
+
+        return url.format(version.underscored, version)
+
    @property
    def build_targets(self):
        # We cannot use nss_build_all because this will try to build nspr.