Upgrade Firefox 71 to use NSS 3.47.1
Categories
(Core :: Security: PSM, task, P1)
Tracking
()
People
(Reporter: jcj, Assigned: jcj)
References
(Blocks 1 open bug, )
Details
(Keywords: sec-other, Whiteboard: [adv-main71-])
Attachments
(1 file)
47 bytes,
text/x-phabricator-request
|
pascalc
:
approval-mozilla-beta+
|
Details | Review |
[Tracking Requested - why for this release]:
This is a cumulative security update for NSS 3.47 for Firefox 71 . When ready, the tag will be NSS_3_47_1_RTM
.
Assignee | ||
Updated•5 years ago
|
Updated•5 years ago
|
Assignee | ||
Comment 1•5 years ago
|
||
2019-11-19 J.C. Jones <jjones@mozilla.com>
* lib/nss/nss.h, lib/softoken/softkver.h, lib/util/nssutil.h:
Set version numbers to 3.47.1 final
[6339a6f350c9] [NSS_3_47_1_RTM] <NSS_3_47_BRANCH>
2019-11-19 Craig Disselkoen <cdisselk@cs.ucsd.edu>
* lib/softoken/pkcs11c.c:
Bug 1586176 - EncryptUpdate should use maxout not block size.
r=franziskus
[4c20de402b39] <NSS_3_47_BRANCH>
2019-10-21 Marcus Burghardt <mburghardt@mozilla.com>
* lib/ckfw/builtins/testlib/certdata-testlib.txt:
Bug 1589810 - Uninitialized variable warnings from certdata.perl.
r=mt
[86f505b65576] <NSS_3_47_BRANCH>
2019-11-04 Marcus Burghardt <mburghardt@mozilla.com>
* lib/pk11wrap/pk11cert.c:
Bug 1590495 - Crash in PK11_MakeCertFromHandle->pk11_fastCert. r=jcj
Fixed controls to avoid crashes caused by slots possibly without a
token in pk11_fastCert. Also, improved arguments controls in
PK11_MakeCertFromHandle.
[54ce0e2caeb8] <NSS_3_47_BRANCH>
2019-11-11 Tom Prince <mozilla@hocat.ca>
* automation/taskcluster/graph/src/extend.js,
automation/taskcluster/windows/setup.sh:
Bug 1594891 - Use tc-proxy for nss tooltool; r=dustin,jcj
[15b525236995] <NSS_3_47_BRANCH>
2019-11-08 Dustin J. Mitchell <dustin@mozilla.com>
* automation/taskcluster/graph/npm-shrinkwrap.json,
automation/taskcluster/graph/package.json,
automation/taskcluster/graph/src/image_builder.js,
automation/taskcluster/graph/src/queue.js,
automation/taskcluster/scripts/tools.sh,
automation/taskcluster/windows/gen_certs.sh,
automation/taskcluster/windows/run_tests.sh:
Bug 1594891 - Updates to run correctly on the new TC deployment
r=jcj
* Update the Taskcluster client used in the decision task to one
that understands Taskcluster rootUrls.
* Update scripts that fetch content to use the TASKCLUSTER_ROOT_URL
* the absence of this variale signals an "old" worker so we use an
"old" URL
[054c57351ca0] <NSS_3_47_BRANCH>
2019-11-07 Tom Prince <mozilla@hocat.ca>
* .taskcluster.yml, automation/taskcluster/graph/src/extend.js,
automation/taskcluster/graph/src/queue.js:
Bug 1591275: Switch workers to use AWS Provder; r=kjacobs
[af55d9185ec5] <NSS_3_47_BRANCH>
2019-10-18 J.C. Jones <jjones@mozilla.com>
* .hgtags:
Added tag NSS_3_47_RTM for changeset 7ccb4ade5577
[dcadb95b9d77] <NSS_3_47_BRANCH>
Updated•5 years ago
|
Updated•5 years ago
|
Assignee | ||
Comment 2•5 years ago
|
||
Comment on attachment 9110098 [details]
Bug 1588559 - land NSS NSS_3_47_1_RTM UPGRADE_NSS_RELEASE, r=kjacobs
Beta/Release Uplift Approval Request
- User impact if declined: sec-high CVE-2019-11745
- Is this code covered by automated tests?: Yes
- Has the fix been verified in Nightly?: Yes
- Needs manual test from QE?: No
- If yes, steps to reproduce:
- List of other uplifts needed: None
- Risk to taking this patch: Low
- Why is the change risky/not risky? (and alternatives if risky): Minimal fix for CVE-2019-11745, and a backported crash fix that effects some enterprise profiles which had two weeks to bake in nightly
- String changes made/needed: none
Comment 3•5 years ago
|
||
Comment on attachment 9110098 [details]
Bug 1588559 - land NSS NSS_3_47_1_RTM UPGRADE_NSS_RELEASE, r=kjacobs
Uplift approved for 71 beta 12, thanks.
Comment 4•5 years ago
|
||
uplift |
Updated•5 years ago
|
Updated•5 years ago
|
Updated•4 years ago
|
Updated•1 year ago
|
Description
•