Upgrade Firefox 70 to use NSS 3.46

ASSIGNED
Assigned to

Status

()

task
P1
normal
ASSIGNED
Last month
2 days ago

People

(Reporter: jcj, Assigned: jcj)

Tracking

(Depends on 1 bug, {leave-open})

Firefox Tracking Flags

(Not tracked)

Details

Attachments

(2 attachments)

Tracking NSS 3.46 for Firefox 70. Ultimate tag will be NSS_3_46_RTM.

Pushed by jjones@mozilla.com:
https://hg.mozilla.org/integration/mozilla-inbound/rev/2b165cf536ba
land NSS 264f19e7ede7 UPGRADE_NSS_RELEASE, r=me
Pushed by jjones@mozilla.com:
https://hg.mozilla.org/integration/mozilla-inbound/rev/4d719512b650
land NSS 8c6fad5544a6 UPGRADE_NSS_RELEASE, r=me
Pushed by jjones@mozilla.com:
https://hg.mozilla.org/integration/mozilla-inbound/rev/640dad6bfd82
land NSS a31fc0eefc4c UPGRADE_NSS_RELEASE, r=me
Regressions: 1567698
Pushed by jjones@mozilla.com:
https://hg.mozilla.org/integration/mozilla-inbound/rev/f742215abea8
land NSS 009a7163c80a UPGRADE_NSS_RELEASE, r=me
Backout by malexandru@mozilla.com:
https://hg.mozilla.org/mozilla-central/rev/b5f2fa86e696
Backed out changeset f742215abea8 for causing Bug 1570891. UPGRADE_NSS_RELEASE a=backout

Please ignore the commit message here, this was backed out for the failures in comment 9. It was my mistake here for providing Alexandru a wrong bug no.

Thanks, opened a regression bug (Bug 1570991) and investigating there. New uplift is being tested with what I suspect is the offending patch backed out.

Flags: needinfo?(jjones)
Regressions: 1570991
Pushed by jjones@mozilla.com:
https://hg.mozilla.org/integration/mozilla-inbound/rev/7a4031897e6b
land NSS 777b6070fe76 UPGRADE_NSS_RELEASE, r=me
No longer regressions: 1567698
Pushed by jjones@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/0a267cdf6a6d
land NSS 89aa19677e37 UPGRADE_NSS_RELEASE, r=jcj

Revset: reverse(89aa19677e37~-1::bbfc55939d75)

2019-08-14 Kevin Jacobs <kjacobs@mozilla.com>

* gtests/ssl_gtest/tls_agent.cc:
Bug 1572593 - Re-revert call to CheckCertReqAgainstDefaultCAs to
avoid memory leak (filed as bug 1573945). r=jcj

Revert back to the changes Franziskus had made. Updated the in-
source bug number to point to the new memleak bug.

Differential Revision:
https://phabricator.services.mozilla.com/D42020
[bbfc55939d75] [tip]

2019-08-12 Kevin Jacobs <kjacobs@mozilla.com>

* gtests/freebl_gtest/freebl_gtest.gyp,
gtests/mozpkix_gtest/mozpkix_gtest.gyp:
Bug 1415118 - Fix --enable-libpkix builds from build.sh r=mt,jcj

Differential Revision:
https://phabricator.services.mozilla.com/D41617
[f8926908be71]

2019-08-14 J.C. Jones <jjones@mozilla.com>

* gtests/ssl_gtest/tls_agent.cc, lib/ssl/ssl3ext.c:
Bug 1572593 - Reset advertised extensions in ssl_ConstructExtensions
r=mt,kjacobs

Reset the list of advertised extensions before sending a new set.

This reverts the changes of https://hg.mozilla.org/projects/nss/rev/
1ca362213631d6edc885b6b965b52ecffcf29afd

Differential Revision:
https://phabricator.services.mozilla.com/D41302
[b03ff661491e]

2019-08-14 Kevin Jacobs <kjacobs@mozilla.com>

* lib/freebl/ctr.c:
Bug 1539788 - UBSAN fixup for 128b counter. r=mt,jcj

Differential Revision:
https://phabricator.services.mozilla.com/D41884
[9d1f5e71773d]

2019-08-13 Kevin Jacobs <kjacobs@mozilla.com>

* lib/freebl/chacha20poly1305.c, lib/freebl/ctr.c, lib/freebl/gcm.c,
lib/freebl/intel-gcm-wrap.c, lib/freebl/rsapkcs.c:
Bug 1539788 - Add length checks for cryptographic primitives
r=mt,jcj

This patch adds additional length checks around cryptographic
primitives.

Differential Revision:
https://phabricator.services.mozilla.com/D36079
[dfd6996fe742]

2019-08-13 Marcus Burghardt <mburghardt@mozilla.com>

* gtests/freebl_gtest/mpi_unittest.cc, lib/freebl/mpi/README,
lib/freebl/mpi/mpi.c, lib/freebl/mpi/mpi.h:
Bug 1542077 - Added extra controls and tests to mp_set_int and
mp_set_ulong. r=jcj,kjacobs

Differential Revision:
https://phabricator.services.mozilla.com/D40649
[9bc47e69613e]

2019-08-13 J.C. Jones <jjones@mozilla.com>

* gtests/ssl_gtest/ssl_resumption_unittest.cc,
gtests/ssl_gtest/tls_agent.cc:
Bug 1572791 - Fixup clang-format r=bustage
[ec113de50cdd]

* gtests/ssl_gtest/tls_agent.cc,
gtests/ssl_gtest/tls_subcerts_unittest.cc, lib/ssl/tls13subcerts.c:
Bug 1572791 - Check for nulls in SSLExp_DelegateCredential and its
tests r=kjacobs

This particularly catches test errors in tls_subcerts_unittest when
the profile is stale.

Differential Revision:
https://phabricator.services.mozilla.com/D41429
[ed5067857563]

2019-08-13 Kevin Jacobs <kjacobs@mozilla.com>

* gtests/ssl_gtest/ssl_auth_unittest.cc,
gtests/ssl_gtest/ssl_cert_ext_unittest.cc,
gtests/ssl_gtest/ssl_resumption_unittest.cc,
gtests/ssl_gtest/tls_agent.cc:
Bug 1572791 - Fix ASAN cert errors when SSL gtests run on empty
profile r=jcj

Differential Revision:
https://phabricator.services.mozilla.com/D41787
[cef2aa7f3b8c]

2019-08-09 Kevin Jacobs <kjacobs@mozilla.com>

* tests/common/cleanup.sh:
Bug 1560593 - Cleanup.sh to treat core dumps as test failures on
optimized builds. r=jcj

Differential Revision:
https://phabricator.services.mozilla.com/D41392
[360010725fdb]
Pushed by jjones@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/d3b872e9aca1
land NSS bbfc55939d75 UPGRADE_NSS_RELEASE, r=kjacobs
You need to log in before you can comment on or make changes to this bug.