Closed
Bug 1767934
Opened 3 years ago
Closed 3 years ago
Upgrade Firefox 102 to use NSS 3.79
Categories
(Core :: Security: PSM, task, P1)
Tracking
()
RESOLVED
FIXED
102 Branch
| Tracking | Status | |
|---|---|---|
| firefox102 | --- | fixed |
People
(Reporter: anna.weine, Assigned: anna.weine)
References
(Blocks 1 open bug)
Details
(Whiteboard: [nss-fx])
Attachments
(4 files)
No description provided.
|
Assignee | |
Updated•3 years ago
|
Keywords: leave-open
|
|
Assignee | |
Comment 1•3 years ago
|
||
Pushed by djackson@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/3f8a611b454e
land NSS 85bf9240f3e1 UPGRADE_NSS_RELEASE, r=nss-reviewers,djackson
|
||
Comment 3•3 years ago
|
||
| bugherder | ||
|
|
Assignee | |
Comment 4•3 years ago
|
||
2022-05-19 John M. Schanck <jschanck@mozilla.com>
* lib/ckfw/wrap.c:
Bug 1766978 - improve error handling after
nssCKFWInstance_CreateObjectHandle. r=djackson
[2efccbd85918] [tip]
2022-03-18 Robert Relyea <rrelyea@redhat.com>
* cmd/pk12util/pk12util.c, lib/pkcs12/p12local.c,
tests/common/init.sh, tests/tools/tools.sh:
Bug 1757075 NSS does not properly import or export pkcs12 files with
large passwords and pkcs5v2 encoding.
Don't use NULL when encoding UTF8 with pkcs5v2. Fix a bug here when
converting from UCS2 to UTF8 we would add a double NULL when adding
a NULL.
[0f4664512bd0]
2022-05-17 Dennis Jackson <djackson@mozilla.com>
* nspr.patch:
Remove nspr.patch mistakenly committed in e3ac914bc684
[99e32fcca1c7]
2022-05-17 Leander Schwarz <lschwarz@mozilla.com>
* gtests/ssl_gtest/ssl_record_unittest.cc,
gtests/ssl_gtest/ssl_v2_client_hello_unittest.cc, lib/ssl/ssl3con.c,
lib/ssl/ssl3gthr.c, lib/ssl/tls13con.c:
Bug 1764788 - Correct invalid record inner and outter content type
alerts. r=djackson
Added test cases for alerts during and pre handshake as well as TLS
1.3 only after handshake (application data) cases due to unsupported
de- and encryption of lower TLS version records in gtest.
Adjusted some test cases that expect failed connections to the
updated alerts.
[7f4b0af3a526]
* gtests/ssl_gtest/ssl_version_unittest.cc, lib/ssl/ssl3con.c:
Bug 1765753 - TLS 1.3 Server: Send protocol_version alert on
unsupported ClientHello.legacy_version. r=djackson
[bc7bfba47e0a]
* gtests/ssl_gtest/ssl_extension_unittest.cc, lib/ssl/ssl3exthandle.c:
Bug 1765753 - Added RFC8422 compliant TLS <= 1.2
undefined/compressed ECPointFormat extension alerts. r=djackson
[d06a8831ec84]
2022-05-16 John M. Schanck <jschanck@mozilla.com>
* gtests/util_gtest/manifest.mn, gtests/util_gtest/util_gtest.gyp,
gtests/util_gtest/util_secasn1d_unittest.cc, lib/util/secasn1d.c:
Bug 1387919 - Fix secasn1d parsing of indefinite SEQUENCE inside
indefinite GROUP. r=keeler,nss-reviewers,djackson
In an iteration over elements of an indefinite-length encoded GROUP
(sec_asn1d_next_in_group), the child of the current state is
responsible for parsing the GROUP's end-of-contents octets---a call
to sec_asn1d_parse_end_of_contents(state->child) sets the
endofcontents flag for state->child and a later call to
sec_asn1d_next_in_group checks state->child->endofcontents and
terminates the iteration.
In an iteration over elements of an indefinite-length encoded
SEQUENCE (sec_asn1d_next_in_sequence), on the other hand, the
current state, not its child, handles the end-of-contents octets.
Prior to this commit, an error would occur when state pointed to an
indefinite-length encoded GROUP and state->child pointed to an
indefinite-length encoded SEQUENCE. In this case, state->child would
be passed to sec_asn1d_parse_end_of_contents to parse the SEQUENCE's
end-of-contents octets. This would set the endofcontents flag for
state->child, and this would be misinterpreted as an end-of-
iteration signal for the surrounding GROUP.
[1811eec24997]
* automation/abi-check/expected-report-libnss3.so.txt,
lib/nss/nss.def, lib/pk11wrap/pk11list.c, lib/pk11wrap/pk11util.c,
lib/pk11wrap/secmod.h, lib/util/nssrwlk.h:
Bug 1753315 - Add SECMOD_LockedModuleHasRemovableSlots. r=rrelyea
[499ae15c18ad]
2022-05-13 Kai Engert <kaie@kuix.de>
* automation/abi-check/expected-report-libnspr4.so.txt,
cmd/selfserv/selfserv.c, cmd/tstclnt/tstclnt.c, nspr.patch:
Bug 1769295 - selfserv and tstclnt should use
PR_GetPrefLoopbackAddrInfo. r=rrelyea
[e3ac914bc684]
2022-05-11 John M. Schanck <jschanck@mozilla.com>
* lib/softoken/legacydb/lginit.c:
Bug 1454072 - Use of uninitialized pointer in lg_init after alloc
fail. r=nss-reviewers,nkulatova
[927d47dcc509]
2022-05-06 John M. Schanck <jschanck@mozilla.com>
* automation/clang-format/Dockerfile:
Bug 1766907 - Update mercurial in clang-format docker image. r=mt
[83a89ed9f527]
Pushed by djackson@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/6cc72802130a
land NSS 2efccbd85918 UPGRADE_NSS_RELEASE, r=nss-reviewers,djackson
|
|
||
Comment 6•3 years ago
|
||
| bugherder | ||
|
||
Comment 7•3 years ago
|
||
|
||
Updated•3 years ago
|
Depends on: CVE-2022-31741
Pushed by jschanck@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/e0797d8849d9
land NSS NSS_3_79_BETA2 UPGRADE_NSS_RELEASE, r=nss-reviewers,jschanck
|
||
Comment 9•3 years ago
|
||
| bugherder | ||
|
|
||
Comment 10•3 years ago
|
||
2022-05-26 Dennis Jackson <djackson@mozilla.com>
* lib/nss/nss.h, lib/softoken/softkver.h, lib/util/nssutil.h:
Set version numbers to 3.79 final
[3463596523be] [NSS_3_79_RTM] <NSS_3_79_BRANCH>
2022-05-20 Dennis Jackson <djackson@mozilla.com>
* .hgtags:
Added tag NSS_3_79_BETA2 for changeset 82f9862369bd
[5498a0531d73] <NSS_3_79_BRANCH>
|
||
Comment 11•3 years ago
|
||
Pushed by djackson@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/5213d99cb1a0
land NSS NSS_3_79_RTM UPGRADE_NSS_RELEASE, r=nss-reviewers,jschanck DONTBUILD
|
||
Updated•3 years ago
|
Keywords: leave-open
|
||
Comment 12•3 years ago
|
||
| bugherder | ||
Status: NEW → RESOLVED
Closed: 3 years ago
Resolution: --- → FIXED
Target Milestone: --- → 102 Branch
|
||
Updated•1 year ago
|
Blocks: nss-uplift
You need to log in
before you can comment on or make changes to this bug.
Description
•