Closed Bug 1762489 Opened 2 years ago Closed 2 years ago

Update zlib in NSS to 1.2.12

Tracking

(Not tracked)

Status:

RESOLVED FIXED

Milestone:

3.78

People

(Reporter: jschanck, Assigned: jschanck)

References

Details

Attachments

(1 file)

Bug 1762489 - Update zlib in NSS to 1.2.12. r=#nss-reviewers 2 years ago John Schanck [:jschanck] 48 bytes, text/x-phabricator-request		Details \| Review

John Schanck [:jschanck]

Assignee

Description

•

2 years ago

In light of CVE-2018-25032, we should upgrade the copy of zlib in the NSS tree to v1.2.12. NSS no longer uses zlib in libssl, but it still uses it in modutil and signtool. I believe that only signtool calls deflate, so we don't have much exposure to the vulnerability.

NSS was previously upgraded to zlib v1.2.11 in Bug 1547639.

John Schanck [:jschanck]

Assignee

Comment 1

•

2 years ago

Attached file Bug 1762489 - Update zlib in NSS to 1.2.12. r=#nss-reviewers — Details

John Schanck [:jschanck]

Assignee

Comment 2

•

2 years ago

https://hg.mozilla.org/projects/nss/rev/8b9c81501400e8d3eeb6756a0a299a6c663f133b

Status: NEW → RESOLVED

Closed: 2 years ago

Resolution: --- → FIXED

Target Milestone: --- → 3.78

Ryan VanderMeulen [:RyanVM]

Updated

•

2 years ago

Blocks: 1796815

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Quick Search

Update zlib in NSS to 1.2.12

Categories

(NSS :: Libraries, task, P1)

Tracking

(Not tracked)

People

(Reporter: jschanck, Assigned: jschanck)

References

Details

Crash Data

Security

(public)

User Story

Attachments

(1 file)

Description

Comment 1

Comment 2

Updated

Attachment

General

Description

File Name

Content Type