Closed Bug 1770397 Opened 2 years ago Closed 2 years ago

Upgrade Firefox 91esr to use NSS 3.68.4

Tracking

()

Status:

RESOLVED FIXED

Tracking Flags:

Tracking

Status

firefox-esr91

101+

fixed

People

(Reporter: djackson, Assigned: djackson)

References

(Blocks 1 open bug)

Details

(Keywords: sec-high, Whiteboard: [adv-esr91.10-])

Attachments

(1 file, 1 obsolete file)

Bug 1770397 - land NSS NSS_3_68_4_RTM UPGRADE_NSS_RELEASE, r=#nss-reviewers 2 years ago Dennis Jackson 48 bytes, text/x-phabricator-request		Details \| Review
Bug 1770397 - land NSS NSS_3_68_4_RTM UPGRADE_NSS_RELEASE, r=#nss-reviewers 2 years ago Dennis Jackson 48 bytes, text/x-phabricator-request	RyanVM : approval-mozilla-esr91+	Details \| Review

Dennis Jackson

Assignee

Description

•

2 years ago

No description provided.

Dennis Jackson

Assignee

Comment 1

•

2 years ago

Attached file Bug 1770397 - land NSS NSS_3_68_4_RTM UPGRADE_NSS_RELEASE, r=#nss-reviewers (obsolete) — Details

Dennis Jackson

Assignee

Comment 2

•

2 years ago

•

Edited

Comment on attachment 9277467 [details]
Bug 1770397 - land NSS NSS_3_68_4_RTM UPGRADE_NSS_RELEASE, r=#nss-reviewers

(removed)

Attachment #9277467 - Flags: approval-mozilla-esr91?

Dennis Jackson

Assignee

Updated

•

2 years ago

Attachment #9277467 - Flags: approval-mozilla-esr91?

Phabricator Automation

Updated

•

2 years ago

Attachment #9277467 - Attachment is obsolete: true

Dennis Jackson

Assignee

Comment 3

•

2 years ago

Attached file Bug 1770397 - land NSS NSS_3_68_4_RTM UPGRADE_NSS_RELEASE, r=#nss-reviewers — Details

Dennis Jackson

Assignee

Comment 4

•

2 years ago

Comment on attachment 9277470 [details]
Bug 1770397 - land NSS NSS_3_68_4_RTM UPGRADE_NSS_RELEASE, r=#nss-reviewers

ESR Uplift Approval Request

If this is not a sec:{high,crit} bug, please state case for ESR consideration: This patch fixes a sec-high in NSS.
User impact if declined:
Fix Landed on Version:
Risk to taking this patch: Low
Why is the change risky/not risky? (and alternatives if risky): The risk is very low as the patch only ensures variables are correctly initialises and the code path is not normally active unless an attacker is attempting to inject a malicious addon.

Attachment #9277470 - Flags: approval-mozilla-esr91?

Ryan VanderMeulen [:RyanVM]

Updated

•

2 years ago

status-firefox-esr91: --- → affected

tracking-firefox-esr91: --- → 101+

Andrew McCreight [:mccr8]

Updated

•

2 years ago

Keywords: sec-high

Ryan VanderMeulen [:RyanVM]

Updated

•

2 years ago

Group: core-security-release → crypto-core-security

No longer depends on: 1766978

Keywords: leave-open

Ryan VanderMeulen [:RyanVM]

Updated

•

2 years ago

No longer depends on: 1770337

Ryan VanderMeulen [:RyanVM]

Updated

•

2 years ago

Comment 5

•

2 years ago

Comment on attachment 9277470 [details]
Bug 1770397 - land NSS NSS_3_68_4_RTM UPGRADE_NSS_RELEASE, r=#nss-reviewers

Approved for 91.10esr.

Attachment #9277470 - Flags: approval-mozilla-esr91? → approval-mozilla-esr91+

Ryan VanderMeulen [:RyanVM]

Comment 6

•

2 years ago

uplift

https://hg.mozilla.org/releases/mozilla-esr91/rev/60d6f7a293bd

Group: crypto-core-security → core-security-release

Status: NEW → RESOLVED

Closed: 2 years ago

status-firefox-esr91: affected → fixed

Resolution: --- → FIXED

Tom Ritter [:tjr]

Updated

•

2 years ago

Whiteboard: [adv-esr91.10-]

Benjamin Beurdouche [:beurdouche]

Updated

•

11 months ago

Blocks: nss-uplift

Daniel Veditz [:dveditz]

Updated

•

2 months ago

Group: core-security-release

You need to log in before you can comment on or make changes to this bug.