Closed Bug 1637369 Opened 5 years ago Closed 5 years ago

Upgrade Firefox 77 to NSS 3.52.1

Categories

(Core :: Security: PSM, enhancement, P1)

Product:
Core
Component:
Security: PSM
Version:
77 Branch
Type:
enhancement

Tracking

()

Status:
RESOLVED FIXED
Milestone:
mozilla77
Tracking Flags:
Tracking Status
firefox-esr68 --- unaffected
firefox76 --- wontfix
firefox77 + fixed
firefox78 --- unaffected

People

(Reporter: jcj, Assigned: jcj)

References

(Blocks 1 open bug,
URL
)

Details

(Keywords: sec-other, Whiteboard: [post-critsmash-triage][adv-main77-])

Attachments

(1 file)

Bug 1637369 - land NSS NSS_3_52_1_RTM UPGRADE_NSS_RELEASE, r=kjacobs
47 bytes, text/x-phabricator-request
RyanVM
: approval-mozilla-beta+
Details | Review

[Tracking Requested - why for this release]:

This security bug tracks the release of NSS 3.52.1, a security release of NSS 3.52, destined for Firefox 77. When ready, the tag will be NSS_3_52_1_RTM.

This release will fix security bugs being disclosed on or after 2 June 2020, co-incident with ESR 68.9 and Firefox 77.

[Tracking Requested - why for this release]:
This will fix one or more serious vulnerabilities in Firefox cryptography code that affect Firefox 77. See the bugs for their individual sec approvals.

Group: core-security-release → crypto-core-security
Whiteboard: [uplift date 2020-05-19]

2020-05-19 J.C. Jones <jjones@mozilla.com>

* lib/nss/nss.h, lib/softoken/softkver.h, lib/util/nssutil.h:
Set version numbers to 3.52.1 final
[83d296f12b3e] [NSS_3_52_1_RTM] <NSS_3_52_BRANCH>

2020-04-23 Robert Relyea <rrelyea@redhat.com>

* lib/freebl/dsa.c:
Bug 1631576 - Force a fixed length for DSA exponentiation
r=pereida,bbrumley

[a5a9937948c8] <NSS_3_52_BRANCH>

2020-05-01 J.C. Jones <jjones@mozilla.com>

* .hgtags:
Added tag NSS_3_52_RTM for changeset befc258c4336
[92f61e8d8203] <NSS_3_52_BRANCH>

Comment on attachment 9150286 [details]
Bug 1637369 - land NSS NSS_3_52_1_RTM UPGRADE_NSS_RELEASE, r=kjacobs

Beta/Release Uplift Approval Request

  • User impact if declined: sec-high
  • Is this code covered by automated tests?: Yes
  • Has the fix been verified in Nightly?: No
  • Needs manual test from QE?: No
  • If yes, steps to reproduce:
  • List of other uplifts needed: None
  • Risk to taking this patch: Medium
  • Why is the change risky/not risky? (and alternatives if risky): There are no low-risk crypto algorithm changes. There's reasonable coverage of the changes made as to correctness, and analysis indicates the bug in question is resolved.
  • String changes made/needed: n/a
Attachment #9150286 - Flags: approval-mozilla-beta?

Comment on attachment 9150286 [details]
Bug 1637369 - land NSS NSS_3_52_1_RTM UPGRADE_NSS_RELEASE, r=kjacobs

Approved for 77.0b8

Attachment #9150286 - Flags: approval-mozilla-beta? → approval-mozilla-beta+

https://hg.mozilla.org/releases/mozilla-beta/rev/d64b298d08bc3847778e99a510cc341a7f4dac09

Group: crypto-core-security → core-security-release
Status: ASSIGNED → RESOLVED
Closed: 5 years ago
status-firefox77: affectedfixed
status-firefox-esr68: --- → unaffected
Resolution: --- → FIXED
Whiteboard: [uplift date 2020-05-19]
Flags: qe-verify-
Whiteboard: [post-critsmash-triage]
Whiteboard: [post-critsmash-triage] → [post-critsmash-triage][adv-main77-]
Group: core-security-release
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: