Closed
Bug 1419760
Opened 7 years ago
Closed 7 years ago
Pick up root CA changes for Firefox 58, released as NSS 3.34.1
Categories
(Core :: Security: PSM, defect, P1)
Core
Security: PSM
Tracking
()
RESOLVED
FIXED
mozilla59
Tracking | Status | |
---|---|---|
thunderbird_esr52 | --- | unaffected |
firefox-esr52 | --- | unaffected |
firefox57 | --- | unaffected |
firefox58 | + | fixed |
firefox59 | --- | fixed |
People
(Reporter: KaiE, Assigned: KaiE)
References
Details
(Whiteboard: [psm-assigned])
Attachments
(1 file)
179.22 KB,
patch
|
jcristau
:
approval-mozilla-beta+
|
Details | Diff | Splinter Review |
Because of bug 1418678 we should update Firefox 58 (beta) to pick up the required change to the root CA list.
In order to minimize the number of separate CA list releases, we may combine that with the removal of obsolete/expired blacklist entries (bug 1409872).
Assignee | ||
Updated•7 years ago
|
status-firefox57:
--- → unaffected
status-firefox58:
--- → affected
status-firefox-esr52:
--- → unaffected
tracking-firefox58:
--- → ?
Updated•7 years ago
|
Assignee | ||
Comment 1•7 years ago
|
||
Approval Request Comment
[Feature/Bug causing the regression]: bug 1400030
[User impact if declined]: Linux users have trouble with untrusted certificates
[Is this code covered by automated tests?]: n/a - not a code change
[Has the fix been verified in Nightly?]: n/a - not a code change
[Needs manual test from QE? If yes, steps to reproduce]: no
[List of other uplifts needed for the feature/fix]: none
[Is the change risky?]: no
[Why is the change risky/not risky?]: no code change, only trust flags
[String changes made/needed]: none
Attachment #8931455 -
Flags: approval-mozilla-beta?
Assignee | ||
Comment 2•7 years ago
|
||
FYI, we haven't yet fixed mozilla-central, because we only take new snapshots of NSS, not individual fixes for m-c. And we need a bit more time before the latest NSS trunk snapshot builds with m-c. However, the changes have already landed into NSS trunk, and the NSS tests aren't showing any issues. m-c will get these fixes automatically with the next NSS uplift to m-c.
It's safe to uplift the attached patch to beta early, as there are no code changes.
![]() |
||
Updated•7 years ago
|
Priority: -- → P1
Whiteboard: [psm-assigned]
Assignee | ||
Comment 3•7 years ago
|
||
Hello Julien, do you think this can get approved?
Flags: needinfo?(jcristau)
Comment 4•7 years ago
|
||
Comment on attachment 8931455 [details] [diff] [review]
1419760-v1.patch
Yes, let's get this in the next build.
Flags: needinfo?(jcristau)
Attachment #8931455 -
Flags: approval-mozilla-beta? → approval-mozilla-beta+
Assignee | ||
Comment 5•7 years ago
|
||
uplift |
Thanks for the approval, landed as
https://hg.mozilla.org/releases/mozilla-beta/rev/e3bb5759d9e4182c7566e3eef67477b7e830427b
BTW, in the meantime, m-c had received the change with an NSS trunk snapshot, too.
Assignee | ||
Updated•7 years ago
|
Target Milestone: --- → mozilla59
Assignee | ||
Updated•7 years ago
|
You need to log in
before you can comment on or make changes to this bug.
Description
•