Upgrade Firefox 102.2 ESR to use NSS 3.79.1
Categories
(Core :: Security: PSM, task)
Tracking
()
People
(Reporter: beurdouche, Assigned: nkulatova)
References
(Blocks 1 open bug)
Details
(Whiteboard: [nss-fx])
Attachments
(1 file, 1 obsolete file)
48 bytes,
text/x-phabricator-request
|
diannaS
:
approval-mozilla-esr102+
|
Details | Review |
ESR Uplift Approval Request
If this is not a sec:{high,crit} bug, please state case for ESR consideration:
User impact if declined: None, This mainly fixes a few intermittents
Fix Landed on Version: 105
Risk to taking this patch: Low
Why is the change risky/not risky? (and alternatives if risky): Most of the patches have been tested in 104 already apart from a very small defensive change in NSS that isn't expected to break anything in Fx
Reporter | ||
Updated•2 years ago
|
Assignee | ||
Comment 1•2 years ago
|
||
Updated•2 years ago
|
Updated•2 years ago
|
Assignee | ||
Comment 3•2 years ago
|
||
2022-08-18 Anna Weine <anna.weine@mozilla.com>
* lib/nss/nss.h, lib/softoken/softkver.h, lib/util/nssutil.h:
Set version numbers to 3.79.1 final
[b8532be03b77] [NSS_3_79_1_RTM] <NSS_3_79_1_BRANCH>
* doc/rst/releases/nss_3_79_1.rst:
Documentation: Release notes for NSS 3.79.1
[89171864de68] <NSS_3_79_1_BRANCH>
2022-08-18 John M. Schanck <jschanck@mozilla.com>
* lib/util/secasn1d.c, lib/util/secasn1e.c:
Bug 1330271 - check for null template in sec_asn1{d,e}_push_state. r
=nss-reviewers,djackson
Some of our dynamic template choosers, e.g.
sec_pkcs12_choose_attr_type, can return NULL. This patch adds some
defensive checks to avoid crashes when they do.
[d42c5a1bfe5a] <NSS_3_79_1_BRANCH>
2022-06-06 John M. Schanck <jschanck@mozilla.com>
* lib/softoken/sftkdb.c, lib/softoken/sftkpwd.c:
Bug 1760998 - avoid data race on primary password change. r=rrelyea
[2c290cd6b08d] <NSS_3_79_1_BRANCH>
2022-06-08 John M. Schanck <jschanck@mozilla.com>
* lib/softoken/pkcs11.c, lib/softoken/pkcs11i.h:
Bug 1759794 - protect SFTKSlot needLogin with slotLock. r=rrelyea
[0827dca35888] <NSS_3_79_1_BRANCH>
2022-06-06 John M. Schanck <jschanck@mozilla.com>
* lib/certdb/certdb.c, lib/certdb/certv3.c, lib/certdb/certxutl.c,
lib/crmf/cmmfrec.c:
Bug 1771498 - Uninitialized value in cert_ComputeCertType.
r=djackson
[890df0aa8baf] <NSS_3_79_1_BRANCH>
2022-06-07 John M. Schanck <jschanck@mozilla.com>
* lib/certhigh/certvfy.c, lib/util/SECerrs.h, lib/util/secerr.h:
Bug 1366464 - compare signature and signatureAlgorithm fields in
legacy certificate verifier. r=rrelyea
[b6b18d0259e7] <NSS_3_79_1_BRANCH>
2022-08-18 Anna Weine <anna.weine@mozilla.com>
* .hgtags:
Added tag NSS_3_79_1_BETA1 for changeset 50b1502dc601
[4186188d7de4] <NSS_3_79_1_BRANCH>
2022-05-25 Kai Engert <kaie@kuix.de>
* automation/release/nspr-version.txt:
Bug 1769302 - NSS 3.79 should depend on NSPR 4.34. r=bbeurdouche
[50b1502dc601] [NSS_3_79_1_BETA1] <NSS_3_79_BRANCH>
2022-05-31 Dennis Jackson <djackson@mozilla.com>
* doc/rst/releases/index.rst, doc/rst/releases/nss_3_79.rst:
Release notes for NSS 3.79
[5b675d89f013] <NSS_3_79_BRANCH>
2022-05-26 Dennis Jackson <djackson@mozilla.com>
* .hgtags:
Added tag NSS_3_79_RTM for changeset 3463596523be
[a842dc16c5a6] <NSS_3_79_BRANCH>
Updated•2 years ago
|
Assignee | ||
Comment 4•2 years ago
|
||
Comment on attachment 9290473 [details]
Bug 1785788 - land NSS NSS_3_79_1_RTM UPGRADE_NSS_RELEASE, r=#nss-reviewers
ESR Approval Request Comment
https://bugzilla.mozilla.org/show_bug.cgi?id=1785788#c0
Comment 5•2 years ago
|
||
Comment on attachment 9290473 [details]
Bug 1785788 - land NSS NSS_3_79_1_RTM UPGRADE_NSS_RELEASE, r=#nss-reviewers
Approved for 102.2esr
Comment 6•2 years ago
|
||
bugherder uplift |
Updated•2 years ago
|
Comment 7•2 years ago
•
|
||
bugherder uplift |
We forgot to include bug 1777672 in the 3.79.1 release, though that was one of the drivers for it. Per discussion with Benjamin, I've cherry-picked the change to ESR102 for now and we will graft it upstream for the next 3.79 release.
https://hg.mozilla.org/releases/mozilla-esr102/rev/3876d5327f44
Comment 8•2 years ago
|
||
(In reply to Ryan VanderMeulen [:RyanVM] from comment #7)
We forgot to include bug 1777672 in the 3.79.1 release, though that was one of the drivers for it. Per discussion with Benjamin, I've cherry-picked the change to ESR102 for now and we will graft it upstream for the next 3.79 release.
https://hg.mozilla.org/releases/mozilla-esr102/rev/3876d5327f44
Hello!
From what I understand, this commit is on https://hg.mozilla.org/releases/mozilla-esr102, but is missing on https://github.com/mozilla/gecko-dev/commits/esr102.
However, the following commit, that refers it (bfec1611aef0b04d3b60822d934ae40464c44191) is on both.
Comment 9•2 years ago
|
||
(In reply to Pier Angelo Vendrame from comment #8)
From what I understand, this commit is on https://hg.mozilla.org/releases/mozilla-esr102, but is missing on https://github.com/mozilla/gecko-dev/commits/esr102.
However, the following commit, that refers it (bfec1611aef0b04d3b60822d934ae40464c44191) is on both.
It's there, Github's UI just shows it further down because the patch date was from July:
https://github.com/mozilla/gecko-dev/commit/c1b716fc8bcdfafaced31df5c918275849878da3
Comment 10•2 years ago
|
||
You are right! Indeed it is there also in git log
.
Thank you and sorry for the noise 😅️.
Reporter | ||
Updated•5 months ago
|
Description
•