Closed Bug 1760872 Opened 2 years ago Closed 2 years ago

Upgrade Firefox 91.8esr to use NSS 3.68.3


(Core :: Security: PSM, task, P1)

Firefox 91



Tracking Status
firefox-esr91 99+ fixed


(Reporter: jschanck, Assigned: jschanck)



(Whiteboard: [nss-fx])


(1 file)

No description provided.
Keywords: sec-other
Depends on: 1756271
Depends on: 1755555
Depends on: CVE-2022-1097
Group: crypto-core-security
Keywords: sec-otherleave-open

2022-03-23 John M. Schanck <>

* lib/dev/dev.h, lib/dev/devslot.c, lib/dev/devt.h,
lib/dev/devtoken.c, lib/pk11wrap/dev3hack.c:
Bug 1756271 - Remove token member from NSSSlot struct. r=rrelyea

[e3da860d9d1c] [NSS_3_68_3_RTM] <NSS_3_68_3_BRANCH>

2022-02-24 John M. Schanck <>

* lib/pki/trustdomain.c:
Bug 1755555 - Hold tokensLock through nssToken_GetSlot calls in
nssTrustDomain_GetActiveSlots. r=rrelyea

[1931b2b09b55] <NSS_3_68_3_BRANCH>

2022-02-23 John M. Schanck <>

* lib/certdb/crl.c, lib/certdb/stanpcertdb.c, lib/dev/devtoken.c,
lib/dev/devutil.c, lib/pk11wrap/pk11auth.c, lib/pk11wrap/pk11cert.c,
lib/pk11wrap/pk11nobj.c, lib/pk11wrap/pk11slot.c,
lib/pk11wrap/pk11util.c, lib/pk11wrap/secmodti.h,
lib/pki/pki3hack.c, lib/pki/trustdomain.c:
Bug 1370866 - Check return value of PK11Slot_GetNSSToken. r=djackson

[ba0086e6737d] <NSS_3_68_3_BRANCH>

2022-03-25 John M. Schanck <>

* lib/nss/nss.h, lib/softoken/softkver.h, lib/util/nssutil.h:
Set version numbers to 3.68.3 final
[c7b7c2f03ef2] <NSS_3_68_3_BRANCH>

2021-12-15 Benjamin Beurdouche <>

* .hgtags:
Added tag NSS_3_68_2_RTM for changeset 78d2f4a3339f
[c55cf4a0cb0e] <NSS_3_68_2_BRANCH>

Comment on attachment 9269707 [details]
Bug 1760872 - land NSS NSS_3_68_3_RTM UPGRADE_NSS_RELEASE, r=djackson

ESR Uplift Approval Request

  • If this is not a sec:{high,crit} bug, please state case for ESR consideration:
  • User impact if declined: NSS 3.68.3 fixes memory safety violations that can occur if a PKCS#11 token is removed while it is in use.
  • Fix Landed on Version: 99 / 100
  • Risk to taking this patch: Low
  • Why is the change risky/not risky? (and alternatives if risky): The changes are internal to NSS and have been tested in Fx99 and Fx100.
Attachment #9269707 - Flags: approval-mozilla-esr91?

Comment on attachment 9269707 [details]
Bug 1760872 - land NSS NSS_3_68_3_RTM UPGRADE_NSS_RELEASE, r=djackson

Approved for 91.8esr.

Attachment #9269707 - Flags: approval-mozilla-esr91? → approval-mozilla-esr91+
Closed: 2 years ago
Keywords: leave-open
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.