If you think a bug might affect users in the 57 release, please set the correct tracking and status flags for Release Management.

built-in objects dll picked up by a profile must be that of the latest installed version of the software.

VERIFIED DUPLICATE of bug 147280

Status

Core Graveyard
Security: UI
P1
normal
VERIFIED DUPLICATE of bug 147280
16 years ago
a year ago

People

(Reporter: Stephane Saux, Assigned: David P. Drinan)

Tracking

1.0 Branch
Future
x86
Windows 2000

Firefox Tracking Flags

(Not tracked)

Details

(Reporter)

Description

16 years ago
Currently, the secmod db stores the full path of the nssckbi.dll which store
built-in root CA certs.

Secmod.db is in the profile, and the value stored in it for nssckbi.dll reflects
the install location of the client version that created it (for 6.1 and higher).

If someone which thus created a secmod.db with 6.1, installs 6.2 in a different
directory than 6.1 (i.e., the new installation's nssckbi.dll doesn't replace the
old nssckbi.dll), and uses this profile, then 6.2 will use the 6.1 version of
nssckbi.dll

The solution is to make sure that entries in secmod.db for nssckbi.dll are
versioned.  The result will be that the software will check that the nssckbi.dll
is the most recent available:

The requirement will be:
The dll in secmod.db exists.
its version in secmod.db must equal or higher than the currently executing
version of the client ships with.

If these requirements are not met, the secmod.db will be updated to reflect the
version the currently executing client has.

This will allows the root ca list to be has complete as possible.

This may requires some NSS work as well for the secmod entry versioning.
(Reporter)

Updated

16 years ago
Priority: -- → P1
Target Milestone: --- → Future
(Reporter)

Comment 1

16 years ago
*** Bug 104965 has been marked as a duplicate of this bug. ***

Comment 2

15 years ago
I believe this is a duplicate of NSS bug 147280.

Because this one is PSM and the other is NSS, I'm not marking this one as a
duplicate, but rather add a dependency.
We should decide whether we are fine, once bug 147280 gets resolved.
Depends on: 147280

Comment 3

15 years ago

*** This bug has been marked as a duplicate of 147280 ***
Status: NEW → RESOLVED
Last Resolved: 15 years ago
No longer depends on: 147280
Resolution: --- → DUPLICATE

Comment 4

15 years ago
Verified dupe.
Status: RESOLVED → VERIFIED

Updated

13 years ago
Component: Security: UI → Security: UI
Product: PSM → Core

Updated

9 years ago
Version: psm2.1 → 1.0 Branch
Product: Core → Core Graveyard
You need to log in before you can comment on or make changes to this bug.