Closed Bug 1511516 Opened 5 years ago Closed 5 years ago

Upgrade Firefox 64 Beta to use NSS 3.40.1

Categories

(Core :: Security: PSM, defect)

defect
Not set
normal

Tracking

()

RESOLVED FIXED
mozilla64
Tracking Status
firefox64 + fixed
firefox65 --- unaffected

People

(Reporter: jcj, Assigned: jcj)

References

(Blocks 1 open bug, )

Details

Attachments

(1 file)

Attached file upgrade-nss
Because of bug 1485864 a new NSS release (3.40.1) for uplift to Firefox 64 was built from the NSS_3_40_BRANCH. The tag is NSS_3_40_1_RTM.

Artifacts are available at https://ftp.mozilla.org/pub/security/nss/releases/NSS_3_40_1_RTM/src/
Comment on attachment 9029084 [details]
upgrade-nss

[Beta/Release Uplift Approval Request]

Feature/Bug causing the regression: bug 1485864

User impact if declined: It's unlikely for this side-channel to affect client-side Firefox sessions, but it could be doable, and we're intending to take this into ESR as well (Bug 1511495)

Is this code covered by automated tests?: No

Has the fix been verified in Nightly?: No

Needs manual test from QE?: No

If yes, steps to reproduce: 

List of other uplifts needed: None

Risk to taking this patch: Low

Why is the change risky/not risky? (and alternatives if risky): Constrained changes to timing within NSS without affecting functionality.

String changes made/needed: None
Attachment #9029084 - Flags: approval-mozilla-beta?
Marking fixed for 65 from the patches in bug 1485864.
Comment on attachment 9029084 [details]
upgrade-nss

NSS version update as discussed in bug 1511516.
Attachment #9029084 - Flags: approval-mozilla-beta? → approval-mozilla-beta+
https://hg.mozilla.org/releases/mozilla-beta/rev/e4535e943651
Status: ASSIGNED → RESOLVED
Closed: 5 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla64
You need to log in before you can comment on or make changes to this bug.