Closed
Bug 1770337
Opened 2 years ago
Closed 2 years ago
Upgrade Firefox 101 to use NSS 3.78.1
Categories
(Core :: Security: PSM, task, P1)
Tracking
()
RESOLVED
FIXED
People
(Reporter: djackson, Assigned: djackson)
References
(Blocks 1 open bug)
Details
(Keywords: sec-high, Whiteboard: [post-critsmash-triage][adv-main101-])
Attachments
(1 file)
|
48 bytes,
text/x-phabricator-request
|
RyanVM
:
approval-mozilla-beta+
|
Details | Review |
No description provided.
|
Assignee | |
Updated•2 years ago
|
Keywords: leave-open
|
|
Assignee | |
Comment 1•2 years ago
|
||
2022-05-20 Dennis Jackson <djackson@mozilla.com>
* doc/rst/releases/index.rst, doc/rst/releases/nss_3_78_1.rst:
Release notes for NSS 3.78.1
[1892ac0bb68d] [NSS_3_78_1_RTM] <NSS_3_78_BRANCH>
2022-05-16 Dennis Jackson <djackson@mozilla.com>
* cmd/smimetools/cmsutil.c, lib/smime/cmsdigest.c:
Bug 1767590 - Initialize pointers passed to
NSS_CMSDigestContext_FinishMultiple r=#nss-reviewers,kaie
As NSS_CMSDigestContext_FinishMultiple may leave its outparam
unchanged when it returns SECSuccess, ensure that we set the value
to NULL prior to invoking it. If this has happened because data was
missing and hence the digest was never updated, the secasn1d parser
will notice the missing child and raise a decodeError.
[f90a530a6606] <NSS_3_78_BRANCH>
2022-05-19 John M. Schanck <jschanck@mozilla.com>
* lib/ckfw/wrap.c:
Bug 1766978 - improve error handling after
nssCKFWInstance_CreateObjectHandle. r=djackson
[1c30ba79a5f8] <NSS_3_78_BRANCH>
2022-05-20 Dennis Jackson <djackson@mozilla.com>
* lib/nss/nss.h, lib/softoken/softkver.h, lib/util/nssutil.h:
Set version numbers to 3.78.1 final
[0d9296f60e29] <NSS_3_78_BRANCH>
2022-04-28 Dennis Jackson <djackson@mozilla.com>
* .hgtags:
Added tag NSS_3_78_RTM for changeset 30fe50c80e23
[ccf9be30b3b2] <NSS_3_78_BRANCH>
|
|
Assignee | |
Comment 2•2 years ago
•
|
||
Comment on attachment 9277455 [details]
Bug 1770337 - land NSS NSS_3_78_1_RTM UPGRADE_NSS_RELEASE, r=#nss-reviewers
Note: See approvals / requests in parent bugs.
Beta/Release Uplift Approval Request
- User impact if declined: This patch fixes a sec-high memory safety bug in NSS which impacts Firefox users via addon signatures and also a threading issue causing numerous crashes.
- Is this code covered by automated tests?: Yes
- Has the fix been verified in Nightly?: No
- Needs manual test from QE?: No
- If yes, steps to reproduce:
- List of other uplifts needed: None
- Risk to taking this patch: Low
- Why is the change risky/not risky? (and alternatives if risky): The sec-high fixes are in a codepath which is not used during normal addon verification and is only triggered when given malicious inputs. The threading fix is considered high-confidence.
- String changes made/needed:
- Is Android affected?: Yes
Attachment #9277455 -
Flags: approval-mozilla-beta?
|
||
Updated•2 years ago
|
status-firefox101:
--- → affected
tracking-firefox101:
--- → +
|
|
||
Updated•2 years ago
|
Group: core-security-release → crypto-core-security
Keywords: leave-open
|
|
||
Comment 3•2 years ago
|
||
Comment on attachment 9277455 [details]
Bug 1770337 - land NSS NSS_3_78_1_RTM UPGRADE_NSS_RELEASE, r=#nss-reviewers
Approved for 101.0rc1.
Attachment #9277455 -
Flags: approval-mozilla-beta? → approval-mozilla-beta+
|
|
||
Comment 4•2 years ago
|
||
| uplift | ||
Group: crypto-core-security → core-security-release
Status: NEW → RESOLVED
Closed: 2 years ago
Resolution: --- → FIXED
|
||
Updated•2 years ago
|
Flags: qe-verify-
Whiteboard: [post-critsmash-triage]
|
||
Updated•2 years ago
|
Whiteboard: [post-critsmash-triage] → [post-critsmash-triage][adv-main101-]
|
||
Updated•2 years ago
|
Group: core-security-release
|
||
Updated•10 months ago
|
Blocks: nss-uplift
You need to log in
before you can comment on or make changes to this bug.
Description
•