Closed Bug 1172917 Opened 9 years ago Closed 9 years ago

Build SeaMonkey 2.35 with NSS 3.19.1+ to include fix for bug 1138554

Categories

(SeaMonkey :: Build Config, defect)

SeaMonkey 2.35 Branch
defect
Not set
major

Tracking

(seamonkey2.35+ fixed, seamonkey2.36 unaffected)

RESOLVED WORKSFORME
seamonkey2.35
Tracking Status
seamonkey2.35 + fixed
seamonkey2.36 --- unaffected

People

(Reporter: rsx11m.pub, Unassigned)

References

Details

DHE cyphers are vulnerable to a downgrade attack. This is fixed in NSS 3.19.1.
Bug 1166031 included it for the 39.0 and 38.0 ESR branches, but not 38.0 retail:

(Quoting Ryan VanderMeulen [:RyanVM UTC-4] from bug 1166031 comment #31)
> https://hg.mozilla.org/releases/mozilla-beta/rev/a74ce2833a96
> https://hg.mozilla.org/releases/mozilla-beta/rev/b239d4243b6b
> https://hg.mozilla.org/releases/mozilla-beta/rev/dc9c305024f4


(Quoting Ryan VanderMeulen [:RyanVM UTC-4] from bug 1166031 comment #46)
> https://hg.mozilla.org/releases/mozilla-esr38/rev/b68c2aa2ba17
> https://hg.mozilla.org/releases/mozilla-esr38/rev/e4122cc66111
> https://hg.mozilla.org/releases/mozilla-esr38/rev/104927365946

Possible solutions:

(a) build SeaMonkey 2.35 from mozilla-esr38 rather than mozilla-release;
(b) commit bug 1166031 comment #46 changesets to SM 2.35 release branch on mozilla-release.
Note that b68c2aa2ba17 didn't land on THUNDERBIRD_38_0_20150603_RELBRANCH but apparently was merged into THUNDERBIRD_38_VERBRANCH with https://hg.mozilla.org/releases/mozilla-esr38/rev/8818cfba3036 (see https://hg.mozilla.org/releases/mozilla-esr38/graph/260526 for reference).
Blocks: SM2.35
THUNDERBIRD_38_VERBRANCH now reflects 38.1.0 ESR which contains the current NSS 3.19.2 release.
Summary: Build SeaMonkey 2.35 with NSS 3.19.1 to include fix for bug 1138554 → Build SeaMonkey 2.35 with NSS 3.19.1+ to include fix for bug 1138554
Depends on: 1166031, 1176097
Since we plan to build SeaMonkey 2.35 off mozilla-esr38 (SEAMONKY_2_35_RELEASE_BRANCH) I'd say this particular bug is FIXED/WORKSFORME
Status: NEW → RESOLVED
Closed: 9 years ago
Resolution: --- → WORKSFORME
Target Milestone: --- → seamonkey2.35
You need to log in before you can comment on or make changes to this bug.