Closed Bug 1457284 Opened 4 years ago Closed 4 years ago

Get latest Skia m66 cherry-picks

Categories

(Core :: Graphics, defect, P1)

60 Branch
defect

Tracking

()

RESOLVED FIXED
mozilla61
Tracking Status
firefox-esr52 --- unaffected
firefox-esr60 61+ fixed
firefox59 --- unaffected
firefox60 - wontfix
firefox61 + fixed

People

(Reporter: lsalzman, Assigned: lsalzman)

References

Details

(Keywords: sec-audit, Whiteboard: [gfx-noted][adv-main61-][adv-esr60.1-][post-critsmash-triage])

Attachments

(1 file)

[Tracking Requested - why for this release]:

Skia's m66 branch (https://skia.googlesource.com/skia/+/chrome/m66) has included some new cherry-picks to deal with various security bugs, so we should take these before 60 beta hits release.

These are just changes that have already been rolled into their branch since weeks ago, so they should be safe for us to take.
Attachment #8971370 - Flags: review?(rhunt)
Attachment #8971370 - Flags: review?(rhunt) → review+
Julien, is this something you'd still be willing to take for a 60RC build, or should we punt for Fx61 & ESR 60.1?
Group: core-security → gfx-core-security
Flags: needinfo?(jcristau)
https://hg.mozilla.org/mozilla-central/rev/1ecf63f0cca6
Group: gfx-core-security → core-security-release
Status: ASSIGNED → RESOLVED
Closed: 4 years ago
Resolution: --- → FIXED
Target Milestone: mozilla60 → mozilla61
(In reply to Ryan VanderMeulen [:RyanVM] from comment #1)
> Julien, is this something you'd still be willing to take for a 60RC build,
> or should we punt for Fx61 & ESR 60.1?

Leaning towards the latter at this stage.
Flags: needinfo?(jcristau)
Comment on attachment 8971370 [details] [diff] [review]
add Skia m66 cherry-picks

Approval Request Comment
[Feature/Bug causing the regression]: bug 1444506
[User impact if declined]: Potential security vulnerabilities.
[Is this code covered by automated tests?]: yes
[Has the fix been verified in Nightly?]: yes
[Needs manual test from QE? If yes, steps to reproduce]: no 
[List of other uplifts needed for the feature/fix]:
[Is the change risky?]: no
[Why is the change risky/not risky?]: These are mostly security and correctness fixes that have had a few weeks of upstream testing.
[String changes made/needed]: none
Attachment #8971370 - Flags: approval-mozilla-beta?
I checked with :abillings and he agrees with leaving this until 61/60.1, so marking 60 as wontfix.
Comment on attachment 8971370 [details] [diff] [review]
add Skia m66 cherry-picks

let's get this on esr60 for 60.1 though (attachment flag's not available yet but should be soon).
Attachment #8971370 - Flags: approval-mozilla-beta? → approval-mozilla-beta-
Comment on attachment 8971370 [details] [diff] [review]
add Skia m66 cherry-picks

See comment 4. Note that this request is for the 60.1 release shipping alongside Fx61 in June.
Attachment #8971370 - Flags: approval-mozilla-esr60?
Comment on attachment 8971370 [details] [diff] [review]
add Skia m66 cherry-picks

skia fixes for 60.1esr
Attachment #8971370 - Flags: approval-mozilla-esr60? → approval-mozilla-esr60+
Whiteboard: [gfx-noted] → [gfx-noted][adv-main61-]
Whiteboard: [gfx-noted][adv-main61-] → [gfx-noted][adv-main61-][adv-esr60.1-]
Flags: qe-verify-
Whiteboard: [gfx-noted][adv-main61-][adv-esr60.1-] → [gfx-noted][adv-main61-][adv-esr60.1-][post-critsmash-triage]
Group: core-security-release
You need to log in before you can comment on or make changes to this bug.