Upgrade Firefox ESR 68.9 to NSS 3.44.4
Categories
(Core :: Security: PSM, enhancement, P1)
Tracking
()
| Tracking | Status | |
|---|---|---|
| firefox-esr68 | 77+ | fixed |
| firefox75 | --- | unaffected |
| firefox76 | --- | unaffected |
| firefox77 | --- | unaffected |
People
(Reporter: jcj, Assigned: jcj)
References
(Blocks 1 open bug, )
Details
(Keywords: sec-other, Whiteboard: [uplift date 2020-05-19][adv-esr68.9-])
Attachments
(1 file)
|
47 bytes,
text/x-phabricator-request
|
RyanVM
:
approval-mozilla-esr68+
|
Details | Review |
This security bug tracks the release of NSS 3.44.4, an extended support release of NSS 3.44, destined for Firefox 68 ESR, specifically the ESR 68.9 release on 2 June 2020. When ready, the tag will be NSS_3_44_4_RTM.
This release will fix security bugs being disclosed on or after 2 June 2020, co-incident with ESR 68.9 and Firefox 77.
[Tracking Requested - why for this release]:
This will fix one or more serious vulnerabilities in Firefox cryptography code that affect ESR 68. See the bugs for their individual sec approvals.
|
||
Updated•4 years ago
|
|
Assignee | |
Updated•4 years ago
|
|
|
Assignee | |
Updated•4 years ago
|
|
|
||
Updated•4 years ago
|
|
|
Assignee | |
Comment 1•4 years ago
|
||
Tagged and released to the CDN. Uplift in progress.
|
|
Assignee | |
Comment 2•4 years ago
|
||
2020-05-19 J.C. Jones <jjones@mozilla.com>
* lib/nss/nss.h, lib/softoken/softkver.h, lib/util/nssutil.h:
Set version numbers to 3.44.4 final
[be8b38f87121] [NSS_3_44_4_RTM] <NSS_3_44_BRANCH>
2020-04-23 Robert Relyea <rrelyea@redhat.com>
* lib/freebl/dsa.c:
Bug 1631576 - Force a fixed length for DSA exponentiation
r=pereida,bbrumley
[48612468b52f] <NSS_3_44_BRANCH>
2020-01-13 Kevin Jacobs <kjacobs@mozilla.com>
* automation/taskcluster/windows/build_gyp.sh:
Bug 1608895 - Install setuptools<45.0.0 until workers are upgraded
to python3 r=jcj
[[ https://setuptools.readthedocs.io/en/latest/history.html#v45-0-0
| Setuptools 45.0.0 ]] drops support for Python2, which our Windows
workers are running.
This patch installs the prior version during build, in order to
unblock CI until the workers can be upgraded.
[42186bde9062] <NSS_3_44_BRANCH>
2019-11-19 J.C. Jones <jjones@mozilla.com>
* .hgtags:
Added tag NSS_3_44_3_RTM for changeset d871fc63531d
[b6910cab5f1e] <NSS_3_44_BRANCH>
|
|
Assignee | |
Comment 3•4 years ago
|
||
Comment on attachment 9150315 [details]
Bug 1632908 - land NSS NSS_3_44_4_RTM UPGRADE_NSS_RELEASE, r=kjacobs
ESR Uplift Approval Request
- If this is not a sec:{high,crit} bug, please state case for ESR consideration: sec-high
- User impact if declined: Unpatched vuln
- Fix Landed on Version: 77
- Risk to taking this patch: Medium
- Why is the change risky/not risky? (and alternatives if risky): It's covered by automated tests for correctness. The actual fix has been analyzed, too.
- String or UUID changes made by this patch: n/a
|
|
||
Comment 4•4 years ago
|
||
Comment on attachment 9150315 [details]
Bug 1632908 - land NSS NSS_3_44_4_RTM UPGRADE_NSS_RELEASE, r=kjacobs
Approved for 68.9esr.
|
|
||
Comment 5•4 years ago
|
||
| uplift | ||
|
|
||
Updated•4 years ago
|
|
||
Updated•4 years ago
|
|
||
Updated•3 years ago
|
|
||
Updated•5 months ago
|
Description
•