NSS_3_12_2_WITH_CKBI_1_73_RTM for Firefox 3.0.6 and 3.1 beta

VERIFIED FIXED

Status

()

P1
blocker
VERIFIED FIXED
10 years ago
10 years ago

People

(Reporter: kaie, Assigned: kaie)

Tracking

({verified1.9.0.6, verified1.9.1})

1.9.0 Branch
x86
Linux
verified1.9.0.6, verified1.9.1
Points:
---
Bug Flags:
blocking1.9.1 +
blocking1.9.0.6 +

Firefox Tracking Flags

(Not tracked)

Details

Attachments

(2 attachments)

(Assignee)

Description

10 years ago
Firefox 3.0.6 wants to pick up the NSS fix for bug 471715.

NSS_3_12_2_WITH_CKBI_1_73_RTM is what you want, 
it's the currently used 3.12.2 plus the single bugfix.
(Assignee)

Updated

10 years ago
Depends on: 471715
(Assignee)

Comment 1

10 years ago
Created attachment 357243 [details] [diff] [review]
Patch v1
Attachment #357243 - Flags: review?(dveditz)
Attachment #357243 - Flags: approval1.9.0.6?
Comment on attachment 357243 [details] [diff] [review]
Patch v1

r=me

Approved for 1.9.0.7. a=samuel.sidler
Attachment #357243 - Flags: review?(dveditz)
Attachment #357243 - Flags: review+
Attachment #357243 - Flags: approval1.9.0.6?
Attachment #357243 - Flags: approval1.9.0.6+
Flags: blocking1.9.0.6+
(Assignee)

Comment 3

10 years ago
checked in, marking fixed

I'm sure Samuel meant to say "approved for 1.9.0.6"
Keywords: fixed1.9.0.6
(Assignee)

Updated

10 years ago
Status: NEW → RESOLVED
Last Resolved: 10 years ago
Resolution: --- → FIXED
Er, yeah. 1.9.0.6. :) Thanks Kai!
Verified for 1.9.0.6 by verifying bug 471715.
Keywords: fixed1.9.0.6 → verified1.9.0.6
(Assignee)

Comment 6

10 years ago
The same should be done for the next Firefox 3.1 beta.
Flags: blocking1.9.1?
Summary: NSS_3_12_2_WITH_CKBI_1_73_RTM for Firefox 3.0.6 → NSS_3_12_2_WITH_CKBI_1_73_RTM for Firefox 3.0.6 and 3.1 beta
(Assignee)

Comment 7

10 years ago
Created attachment 358295 [details] [diff] [review]
upgrade action for mozilla-1.9.1 (ff 3.1)

Mike, FYI, in mercurial (hg) we use imported snapshots of NSPR and NSS.

Currently mozilla-1.9.1 uses NSS 3.12.2.

This set of commands is the necessary action to bring mozilla-1.9.1 to a newer snapshot which has only that collision attack protection cert in addition.
Attachment #358295 - Flags: review?(beltzner)
Attachment #358295 - Flags: approval1.9.1?
Attachment #358295 - Flags: review?(beltzner)
Attachment #358295 - Flags: review+
Attachment #358295 - Flags: approval1.9.1?
Attachment #358295 - Flags: approval1.9.1+
Comment on attachment 358295 [details] [diff] [review]
upgrade action for mozilla-1.9.1 (ff 3.1)

r+a191=beltzner
(Assignee)

Comment 9

10 years ago
pushed for 1.9.1
http://hg.mozilla.org/releases/mozilla-1.9.1/rev/42e811a01a34
Keywords: fixed1.9.1

Updated

10 years ago
Flags: blocking1.9.1? → blocking1.9.1+
Priority: -- → P1
Is there a manual test case that can be performed to mark this VERIFIED?
I'm surprised that anyone still wants CKBI 1.73.  
I would have thought that any new builds of any browser, old or new, would 
want CKBI 1.75 with all the latest new roots.  No?

In reply to comment 10:
> Is there a manual test case that can be performed to mark this VERIFIED?

Yes.  It involves setting your system clock back to August 1, 2004 and 
visiting 
https://i.broke.the.internet.and.all.i.got.was.this.t-shirt.phreedom.org/
See bug 471715 comment 0 for details.
Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; en-US; rv:1.9.1pre) Gecko/20090527 Shiretoko/3.5pre

Using https://i.broke.the.internet.and.all.i.got.was.this.t-shirt.phreedom.org/ I see the following error:

Peer's certificate has an invalid signature.
(Error code: sec_error_bad_signature)

I get this error whether my date is current, Aug 1 2004, or Apr 1 2004.  Marking VERIFIED.
Status: RESOLVED → VERIFIED
Keywords: fixed1.9.1 → verified1.9.1
(Assignee)

Comment 13

10 years ago
(In reply to comment #11)
> I'm surprised that anyone still wants CKBI 1.73.  
> I would have thought that any new builds of any browser, old or new, would 
> want CKBI 1.75 with all the latest new roots.  No?

Nelson, he was simply trying to verify this old bug.
You need to log in before you can comment on or make changes to this bug.