1511516 - Upgrade Firefox 64 Beta to use NSS 3.40.1

Status: RESOLVED FIXED

(Core :: Security: PSM, defect)

Description

[J.C. Jones [:jcj] (he/they)]

Attachment: upgrade-nss

Because of bug 1485864 a new NSS release (3.40.1) for uplift to Firefox 64 was built from the NSS_3_40_BRANCH. The tag is NSS_3_40_1_RTM.

Artifacts are available at https://ftp.mozilla.org/pub/security/nss/releases/NSS_3_40_1_RTM/src/

Comment 1

[J.C. Jones [:jcj] (he/they)]

Comment on attachment 9029084 [details]
upgrade-nss

[Beta/Release Uplift Approval Request]

Feature/Bug causing the regression: bug 1485864

User impact if declined: It's unlikely for this side-channel to affect client-side Firefox sessions, but it could be doable, and we're intending to take this into ESR as well (Bug 1511495)

Is this code covered by automated tests?: No

Has the fix been verified in Nightly?: No

Needs manual test from QE?: No

If yes, steps to reproduce: 

List of other uplifts needed: None

Risk to taking this patch: Low

Why is the change risky/not risky? (and alternatives if risky): Constrained changes to timing within NSS without affecting functionality.

String changes made/needed: None

Comment 2

[Liz Henry (:lizzard) (relman/hg->git project)]

Marking fixed for 65 from the patches in bug 1485864.

Comment 3

[Liz Henry (:lizzard) (relman/hg->git project)]

Comment on attachment 9029084 [details]
upgrade-nss

NSS version update as discussed in bug 1511516.

Comment 4

[Ryan VanderMeulen [:RyanVM]]

https://hg.mozilla.org/releases/mozilla-beta/rev/e4535e943651