Closed
Bug 1463537
Opened 6 years ago
Closed 6 years ago
Upgrade Firefox 60 ESR to use NSS 3.36.2
Categories
(Core :: Security: PSM, defect, P1)
Tracking
()
RESOLVED
FIXED
mozilla60
People
(Reporter: jcj, Assigned: jcj)
References
(Blocks 1 open bug, )
Details
Attachments
(1 file)
18.41 KB,
patch
|
RyanVM
:
approval-mozilla-esr60+
|
Details | Diff | Splinter Review |
We have two regression bugs in NSS that should get fixed for Firefox 60 ESR. These are included in NSS 3.36.2, which is tagged as NSS_3_36_2_RTM (but not yet released) [1]. To update, execute the following commands: sed -i 's/3.36.1,/3.36.2,/' old-configure.in python client.py update_nss NSS_3_36_2_RTM [1] https://hg.mozilla.org/projects/nss/rev/6ccabc4b688f
Updated•6 years ago
|
Assignee | ||
Updated•6 years ago
|
Status: NEW → ASSIGNED
Assignee | ||
Comment 1•6 years ago
|
||
[Approval Request Comment] If this is not a sec:{high,crit} bug, please state case for ESR consideration: NSS 3.36.2 fixes a TLS 1.3 connection issue that is being seen in the wild in Firefox 60+ (Bug 1462303). Also fixes a PKCS12 bug that affects some enterprise users (Bug 1460673). User impact if declined: Continued TLS 1.3 connection issues. Fix Landed on Version: NSS 3.36.2, NSS 3.37.1, NSS 3.38 Risk to taking this patch (and alternatives if risky): Low; there are only two small patches included in 3.36.2 versus the current 3.36.1. String or UUID changes made by this patch: n/a Try run: https://treeherder.mozilla.org/#/jobs?repo=try&revision=6b27a281b03928a95b18a9f554bba1d52c133aae
Attachment #8980069 -
Flags: approval-mozilla-esr60?
Comment 2•6 years ago
|
||
Comment on attachment 8980069 [details] [diff] [review] NSS_3_36_2_RTM.patch Approved for ESR 60.1.
Attachment #8980069 -
Flags: approval-mozilla-esr60? → approval-mozilla-esr60+
Comment 3•6 years ago
|
||
bugherder uplift |
https://hg.mozilla.org/releases/mozilla-esr60/rev/610e5c03c09c
Updated•6 years ago
|
Status: ASSIGNED → RESOLVED
Closed: 6 years ago
Resolution: --- → FIXED
Updated•5 months ago
|
Blocks: nss-uplift
You need to log in
before you can comment on or make changes to this bug.
Description
•