Closed Bug 473835 Opened 12 years ago Closed 12 years ago
_3 _12 _2 _WITH _CKBI _1 _73 _RTM for Firefox 3 .0 .6 and 3 .1 beta
Firefox 3.0.6 wants to pick up the NSS fix for bug 471715. NSS_3_12_2_WITH_CKBI_1_73_RTM is what you want, it's the currently used 3.12.2 plus the single bugfix.
Comment on attachment 357243 [details] [diff] [review] Patch v1 r=me Approved for 18.104.22.168. a=samuel.sidler
checked in, marking fixed I'm sure Samuel meant to say "approved for 22.214.171.124"
Status: NEW → RESOLVED
Closed: 12 years ago
Resolution: --- → FIXED
Er, yeah. 126.96.36.199. :) Thanks Kai!
The same should be done for the next Firefox 3.1 beta.
Summary: NSS_3_12_2_WITH_CKBI_1_73_RTM for Firefox 3.0.6 → NSS_3_12_2_WITH_CKBI_1_73_RTM for Firefox 3.0.6 and 3.1 beta
Mike, FYI, in mercurial (hg) we use imported snapshots of NSPR and NSS. Currently mozilla-1.9.1 uses NSS 3.12.2. This set of commands is the necessary action to bring mozilla-1.9.1 to a newer snapshot which has only that collision attack protection cert in addition.
Comment on attachment 358295 [details] [diff] [review] upgrade action for mozilla-1.9.1 (ff 3.1) r+a191=beltzner
pushed for 1.9.1 http://hg.mozilla.org/releases/mozilla-1.9.1/rev/42e811a01a34
Is there a manual test case that can be performed to mark this VERIFIED?
I'm surprised that anyone still wants CKBI 1.73. I would have thought that any new builds of any browser, old or new, would want CKBI 1.75 with all the latest new roots. No? In reply to comment 10: > Is there a manual test case that can be performed to mark this VERIFIED? Yes. It involves setting your system clock back to August 1, 2004 and visiting https://i.broke.the.internet.and.all.i.got.was.this.t-shirt.phreedom.org/ See bug 471715 comment 0 for details.
Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; en-US; rv:1.9.1pre) Gecko/20090527 Shiretoko/3.5pre Using https://i.broke.the.internet.and.all.i.got.was.this.t-shirt.phreedom.org/ I see the following error: Peer's certificate has an invalid signature. (Error code: sec_error_bad_signature) I get this error whether my date is current, Aug 1 2004, or Apr 1 2004. Marking VERIFIED.
(In reply to comment #11) > I'm surprised that anyone still wants CKBI 1.73. > I would have thought that any new builds of any browser, old or new, would > want CKBI 1.75 with all the latest new roots. No? Nelson, he was simply trying to verify this old bug.
You need to log in before you can comment on or make changes to this bug.