Closed Bug 1233495 Opened 9 years ago Closed 8 years ago

OpenH264 plugin release v1.6

Categories

(Core :: Audio/Video: GMP, defect)

Product:
Core
Component:
Audio/Video: GMP
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED FIXED
Tracking Flags:
Tracking Status
firefox46 --- wontfix
firefox47 + wontfix
firefox48 + fixed
firefox49 + fixed
firefox-esr38 --- affected
firefox-esr45 48+ fixed
firefox50 + fixed

People

(Reporter: hankpeng, Unassigned)

References

Details

(Keywords: sec-high, Whiteboard: [adv-main47-][adv-esr45.2-]) 

Opening as a meta bug to track all of the things we should get into the next release (>1.5.3) of OpenH264.
Blocks: 1227375
Blocks: 1227324
Blocks: 1258737
Blocks: 1258783
This fixes at least two identified sec-high bugs: we need to get this into the hands of Firefox users. The patches were committed two months ago, how much longer will it take to get a release? If the patches have been made to a branch doing feature work can we have an update off a branch from the current 1.5.3 release that just contains the security and stability fixes?
Group: core-security-release
status-firefox46: --- → affected
status-firefox47: --- → affected
status-firefox48: --- → affected
status-firefox49: --- → affected
status-firefox-esr38: --- → affected
status-firefox-esr45: --- → affected
tracking-firefox47: --- → +
tracking-firefox48: --- → +
tracking-firefox49: --- → +
tracking-firefox-esr45: --- → 47+
Keywords: sec-high
We can absolutely do a release.  I think my open question is whether Cisco is ready to stabilize a full release of OpenH264 or prefers to cherry-pick the security fixes we need to do an update of the 1.5.3 release ASAP.

Hank -- I think you are best qualified to answer my open question (above).  What do you think?  Thanks.
Flags: needinfo?(hankpeng)
Maire, yeah, it is a time for a new release. Let me sync up with the team and see what is the best way to make a release. Thanks.
Flags: needinfo?(hankpeng)
Maire, we'd like to ship a full release of OpenH264. It will include all the sec-bugs found and some enhancements in rate control and simulcast support. The team needs 2 to 3 weeks to do a comprehensive regression and performance test. After that, we'll start to release it out. What do you think? Thanks.
Flags: needinfo?(mreavy)
Blocks: 1275137
(In reply to Hank Peng from comment #4)
> Maire, we'd like to ship a full release of OpenH264. It will include all the
> sec-bugs found and some enhancements in rate control and simulcast support.
> The team needs 2 to 3 weeks to do a comprehensive regression and performance
> test. After that, we'll start to release it out. What do you think? Thanks.

I believe that proposed schedule is fine.  The only potential "fly in the ointment" is that my vacation is happening from June 18th through July 4th.  However, I can ask someone on my team to shepherd this release in my absence if we feel we're ready to test and release the update while I'm on PTO.

Dan -- Just needinfo'ing you so you see the proposed timeline.  To be clear, after Hank's team stabilized the release, my team would do some targeted testing for a few days and then we'd roll it out to Nightly, Aurora, Beta and Release over a week's time (or two weeks).  Obviously, if we found problems, we'd pause to investigate the problem which would extend the timeline.  We'd likely roll out Desktop and Mobile plugin updates at the same time.
Flags: needinfo?(mreavy) → needinfo?(dveditz)
Sounds good, that will be in the Firefox 47 timeframe. Note that the Mozilla all hands meeting will be between June 13-18 also. So if you are working with someone in releng to do the rollout let's let them know in advance too.
status-firefox46: affectedwontfix
That timeline sounds fine.
Flags: needinfo?(dveditz)
Whiteboard: [adv-main47-][adv-esr45.2-]
Blocks: 1265301
The gmp-openh264 v1.6 is ready to pick up. The code branch is v1.6-Firefox39: https://github.com/cisco/openh264/tree/v1.6-Firefox39.

The current tip commit is: https://github.com/cisco/openh264/commit/4fa3a4ec0367e11e779c202a09a94c3d18df3802. 

Please note that due to the fix of https://bugzilla.mozilla.org/show_bug.cgi?id=1225488 "Fix build process to automatically put openh264 pdb file into FF symbol server to help debug crash", now when build with option "BUILDTYPE=Release DEBUGSYMBOLS=True", the output binary libgmpopenh264.a/so is the stripped version and libgmpopenh264_debug_symbols.a/so contains the symbols for debugging. 
Please update your build script when integrating the new version of gmp-openh264 plugin.
Summary: New release of OpenH264 (>1.5.3) → OpenH264 plugin release v1.6
Depends on: 1286533
Depends on: 1286597
The current tip commit for "v1.6-Firefox39" branch is 97276f5c4da1eb450d26e666e473a32ef45a0bc3: Add an build option to disable the AVX2 assembly code for the lower version of nasm that doesn't support it.
This is live on nightly now according to email from Maire and Callek. 
Should we mark this fixed?
Flags: needinfo?(bugspam.Callek)
My gut feeling is yes, but I'd defer to Maire on that for certain.
Flags: needinfo?(bugspam.Callek) → needinfo?(mreavy)
We typically wait to close meta bugs like this until the update has been successfully deployed to all channels (Nightly through Release/ESR).  So once v1.6 is stable on Release/ESR (I'm targeting the end of next week), we can close this.
Flags: needinfo?(mreavy)
Release (48) and ESR-45.3 have 1.6
Status: NEW → RESOLVED
Closed: 8 years ago
status-firefox48: wontfixfixed
status-firefox49: affectedfixed
status-firefox-esr45: affectedfixed
tracking-firefox-esr45: 49+48+
Resolution: --- → FIXED
Group: core-security-release
Blocks: 1260800
Component: OpenH264 → Audio/Video: GMP
Product: External Software Affecting Firefox → Core
You need to log in before you can comment on or make changes to this bug.