Closed Bug 1805282 Opened 1 year ago Closed 1 year ago

update static pinning url

Categories

(Core :: Security: PSM, task, P1)

task

Tracking

()

RESOLVED FIXED
110 Branch
Tracking Status
firefox-esr102 --- fixed
firefox109 --- fixed
firefox110 --- fixed

People

(Reporter: keeler, Assigned: keeler)

Details

(Whiteboard: [psm-assigned])

Attachments

(1 file)

Chrome is updating where it keeps its static pinning information from

https://chromium.googlesource.com/chromium/src/+/refs/heads/main/net/http/transport_security_state_static.json

to

https://chromium.googlesource.com/chromium/src/+/refs/heads/main/net/http/transport_security_state_static_pins.json (which is already live).

We need to update PreloadedHPKPins.json to reflect this.

Chrome has updated where it stores its static pinning information.

Pushed by dkeeler@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/f7123555773f
update static pinning information url r=jschanck
Status: NEW → RESOLVED
Closed: 1 year ago
Resolution: --- → FIXED
Target Milestone: --- → 110 Branch

Comment on attachment 9307902 [details]
Bug 1805282 - update static pinning information url r?jschanck

Beta/Release Uplift Approval Request

  • User impact if declined: This is for automation - Chrome is updating the url from which we get static pinning information.
  • Is this code covered by automated tests?: No
  • Has the fix been verified in Nightly?: No
  • Needs manual test from QE?: No
  • If yes, steps to reproduce:
  • List of other uplifts needed: None
  • Risk to taking this patch: Low
  • Why is the change risky/not risky? (and alternatives if risky): That only affects automation.
  • String changes made/needed:
  • Is Android affected?: No

ESR Uplift Approval Request

  • If this is not a sec:{high,crit} bug, please state case for ESR consideration: This is for automation - Chrome is updating the url from which we get static pinning information.
  • User impact if declined:
  • Fix Landed on Version: 110
  • Risk to taking this patch: Low
  • Why is the change risky/not risky? (and alternatives if risky): That only affects automation.
Attachment #9307902 - Flags: approval-mozilla-esr102?
Attachment #9307902 - Flags: approval-mozilla-beta?

Comment on attachment 9307902 [details]
Bug 1805282 - update static pinning information url r?jschanck

Approved for 109.0b3 and 102.7esr.

Attachment #9307902 - Flags: approval-mozilla-esr102?
Attachment #9307902 - Flags: approval-mozilla-esr102+
Attachment #9307902 - Flags: approval-mozilla-beta?
Attachment #9307902 - Flags: approval-mozilla-beta+
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Created:
Updated:
Size: