Upgrade Firefox ESR 68 to use NSS 3.44.2
Categories
(Core :: Security: PSM, task, P1)
Tracking
()
Tracking | Status | |
---|---|---|
firefox-esr60 | --- | unaffected |
firefox-esr68 | 70+ | fixed |
firefox68 | --- | unaffected |
firefox69 | --- | unaffected |
firefox70 | --- | unaffected |
People
(Reporter: jcj, Assigned: jcj)
References
(Blocks 1 open bug, )
Details
(Keywords: sec-other, Whiteboard: [adv-esr68.2-])
Attachments
(1 file)
47 bytes,
text/x-phabricator-request
|
RyanVM
:
approval-mozilla-esr68+
|
Details | Review |
[Tracking Requested - why for this release]:
This is a cumulative security update for NSS 3.44 for Firefox 68 ESR. When ready, the tag will be NSS_3_44_2_RTM
.
Updated•5 years ago
|
Assignee | ||
Updated•5 years ago
|
Assignee | ||
Updated•5 years ago
|
Updated•5 years ago
|
Updated•5 years ago
|
Assignee | ||
Comment 1•5 years ago
|
||
At this point, we do not have a 3.44.2 release.
Updated•5 years ago
|
Updated•5 years ago
|
Assignee | ||
Comment 2•5 years ago
|
||
[Tracking Requested - why for this release]:
Re-opening to handle a sec-high which will eventually warrant ESR uplift and a 3.44.2 release.
Note that we may want to add some follow-on security fixes, TBD.
Updated•5 years ago
|
Assignee | ||
Comment 3•5 years ago
|
||
We're proposing releasing this on 9 October, same as bug 1581998. Is that an OK date, too?
Updated•5 years ago
|
Updated•5 years ago
|
Assignee | ||
Updated•5 years ago
|
Assignee | ||
Comment 5•5 years ago
|
||
Update: Per bug 1581998 we're now looking at the releases and uplifts being Wednesday, 2 October.
Assignee | ||
Updated•5 years ago
|
Assignee | ||
Comment 6•5 years ago
|
||
2019-10-02 J.C. Jones <jjones@mozilla.com>
* lib/nss/nss.h, lib/softoken/softkver.h, lib/util/nssutil.h:
Set version numbers to 3.44.2 final
[927b49b0d5cf] [NSS_3_44_2_RTM] <NSS_3_44_BRANCH>
2019-10-01 Kevin Jacobs <kjacobs@mozilla.com>
* lib/softoken/pkcs11c.c:
Bug 1577953 - Support longer (up to RFC maximum) HKDF outputs r=jcj
HKDF-Expand enforces a maximum output length much shorter than
stated in the RFC. This patch aligns the implementation with the RFC
by allocating more output space when necessary.
[03b50c2194ae] <NSS_3_44_BRANCH>
2019-09-26 Deian Stefan <deian@cs.ucsd.edu>
* lib/softoken/pkcs11c.c, lib/softoken/tlsprf.c:
Bug 1582343 - Use constant time memcmp in more places r=kjacobs,jcj
[2c2f4c87b7cf] <NSS_3_44_BRANCH>
2019-05-15 Kevin Jacobs <kjacobs@mozilla.com>
* automation/taskcluster/graph/src/extend.js:
Bug 1551636 - Apply increased chains test timeout to Win32 in
addition to Win64 r=jcj
[189819ec6093] <NSS_3_44_BRANCH>
2019-06-21 J.C. Jones <jjones@mozilla.com>
* .hgtags:
Added tag NSS_3_44_1_RTM for changeset ca5ab596cbe7
[9a8eb3bb9b81] <NSS_3_44_BRANCH>
Assignee | ||
Comment 7•5 years ago
|
||
Comment on attachment 9098393 [details]
Bug 1566873 - land NSS NSS_3_44_2_RTM UPGRADE_NSS_RELEASE, r=kjacobs
ESR Uplift Approval Request
- If this is not a sec:{high,crit} bug, please state case for ESR consideration:
- User impact if declined: One sec-high, one sec-audit.
- Fix Landed on Version: 71
- Risk to taking this patch: Low
- Why is the change risky/not risky? (and alternatives if risky): The functionality fixes are straightforward and limited to specific crypto operaitons' correctness.
- String or UUID changes made by this patch: None
Comment 8•5 years ago
|
||
Comment on attachment 9098393 [details]
Bug 1566873 - land NSS NSS_3_44_2_RTM UPGRADE_NSS_RELEASE, r=kjacobs
Updates NSS to pick up some security fixes. Approved for 68.2esr.
Comment 9•5 years ago
|
||
uplift |
Updated•5 years ago
|
Updated•5 years ago
|
Updated•4 years ago
|
Updated•7 months ago
|
Description
•