Closed
Bug 1643859
Opened 5 years ago
Closed 5 years ago
Upgrade Firefox 78 to use NSS 3.53.1
Categories
(Core :: Security: PSM, enhancement, P1)
Tracking
()
RESOLVED
FIXED
mozilla78
People
(Reporter: jcj, Assigned: jcj)
References
(Blocks 1 open bug, )
Details
(Keywords: sec-other, Whiteboard: [post-critsmash-triage][adv-main78-])
Attachments
(1 file)
|
47 bytes,
text/x-phabricator-request
|
RyanVM
:
approval-mozilla-beta+
|
Details | Review |
[Tracking Requested - why for this release]:
This security bug tracks the release of NSS 3.53.1, a security release of NSS 3.53, destined for Firefox 78. When ready, the tag will be NSS_3_53_1_RTM.
This release will fix security bugs being disclosed on or after 30 June 2020, co-incident with Firefox 78.
|
||
Updated•5 years ago
|
status-firefox79:
--- → unaffected
|
|
||
Updated•5 years ago
|
Assignee: nobody → jjones
|
||
Updated•5 years ago
|
status-firefox-esr78:
--- → affected
tracking-firefox-esr78:
--- → 78+
|
Assignee | |
Comment 1•5 years ago
|
||
2020-06-16 J.C. Jones <jjones@mozilla.com>
* lib/nss/nss.h, lib/softoken/softkver.h, lib/util/nssutil.h:
Set version numbers to 3.53.1 final
[610d224a39fa] [NSS_3_53_1_RTM] <NSS_3_53_BRANCH>
2020-06-08 Sohaib ul Hassan <sohaibulhassan@tuni.fi>
* lib/freebl/mpi/mpi.c, lib/freebl/mpi/mpi.h,
lib/freebl/mpi/mplogic.c:
Bug 1631597 - Constant-time GCD and modular inversion
r=rrelya,kjacobs
The implementation is based on the work by Bernstein and Yang
(https://eprint.iacr.org/2019/266) "Fast constant-time gcd
computation and modular inversion". It fixes the old mp_gcd and
s_mp_invmod_odd_m functions.
The patch also fix mpl_significant_bits s_mp_div_2d and s_mp_mul_2d
by having less control flow to reduce side-channel leaks.
Co Author : Billy Bob Brumley
[04ea6dc51e74] <NSS_3_53_BRANCH>
2020-05-29 J.C. Jones <jjones@mozilla.com>
* .hgtags:
Added tag NSS_3_53_RTM for changeset 7e453a5afcb4
[5c1dff547a19] <NSS_3_53_BRANCH>
|
||
Updated•5 years ago
|
Attachment #9157131 -
Attachment description: Bug 1643859 - land NSS NSS_3_53_1_RTM UPGRADE_NSS_RELEASE, r=kjacobs → Bug 1643859 - land NSS NSS_3_53_1_RTM into Beta 78 UPGRADE_NSS_RELEASE, r=kjacobs
|
|
||
Updated•5 years ago
|
Attachment #9157131 -
Attachment description: Bug 1643859 - land NSS NSS_3_53_1_RTM into Beta 78 UPGRADE_NSS_RELEASE, r=kjacobs → Bug 1643859 - land NSS NSS_3_53_1_RTM UPGRADE_NSS_RELEASE, r=kjacobs
|
|
Assignee | |
Comment 2•5 years ago
|
||
Comment on attachment 9157131 [details]
Bug 1643859 - land NSS NSS_3_53_1_RTM UPGRADE_NSS_RELEASE, r=kjacobs
Beta/Release Uplift Approval Request
- User impact if declined: security bugfix
- Is this code covered by automated tests?: Yes
- Has the fix been verified in Nightly?: No
- Needs manual test from QE?: No
- If yes, steps to reproduce:
- List of other uplifts needed: None
- Risk to taking this patch: Medium
- Why is the change risky/not risky? (and alternatives if risky): It's a revision to how the RSA cipher is implemented, but it is covered by many tests in both Firefox and in NSS.
- String changes made/needed: None
Attachment #9157131 -
Flags: approval-mozilla-beta?
|
|
||
Comment 3•5 years ago
|
||
Comment on attachment 9157131 [details]
Bug 1643859 - land NSS NSS_3_53_1_RTM UPGRADE_NSS_RELEASE, r=kjacobs
Approved for 78.0b8.
Attachment #9157131 -
Flags: approval-mozilla-beta? → approval-mozilla-beta+
|
|
Assignee | |
Updated•5 years ago
|
|
|
||
Comment 4•5 years ago
|
||
| uplift | ||
Group: crypto-core-security → core-security-release
Status: NEW → RESOLVED
Closed: 5 years ago
Resolution: --- → FIXED
|
||
Updated•5 years ago
|
Flags: qe-verify-
Whiteboard: [post-critsmash-triage]
|
||
Updated•5 years ago
|
Whiteboard: [post-critsmash-triage] → [post-critsmash-triage][adv-main78-]
|
||
Updated•4 years ago
|
Group: core-security-release
|
||
Updated•1 year ago
|
Blocks: nss-uplift
You need to log in
before you can comment on or make changes to this bug.
Description
•