Closed
Bug 536377
Opened 15 years ago
Closed 8 years ago
configure should enforce a minimal ckbi version
Categories
(Firefox Build System :: General, defect)
Firefox Build System
General
Tracking
(Not tracked)
RESOLVED
WONTFIX
People
(Reporter: jwkbugzilla, Unassigned)
References
()
Details
I am currently getting reports about Adblock Plus 1.1.2 (signed with a StartCom certificate) not being installable in Firefox/SeaMonkey on some Linux distributions ("signing could not be verified"). This is despite requiring at least Firefox 3.0.12 (first Firefox version to come with ckbi 1.75 meaning that the certificate store allows StartCom Certification Authority for code signing). The problem is apparently that the Firefox builds for these distributions use system's NSS library which features an outdated ckbi version. This has been confirmed for at least Gentoo and PCLinuxOS. The minVersion setting in extension's install.rdf is effectively worthless because even current Firefox versions might be using an outdated certificate store. Shawn Wilsher suggested that the configure script enforces a particular version of ckbi - e.g. 1.75 for Firefox 3.0/3.5 and 1.77 for Firefox 3.6. From what I can tell, right now only NSS version is checked (>= 3.12.0) - that is certainly not enough to ensure consistency across platforms, the first version to "officially" come out with ckbi 1.75 is 3.12.3.1. But ckbi is more or less independent from NSS version anyway so it makes sense to check for it directly.
Reporter | ||
Comment 1•8 years ago
|
||
Given that Mozilla is the only one to sign extensions at this point, this issue should no longer be relevant.
Status: NEW → RESOLVED
Closed: 8 years ago
Resolution: --- → WONTFIX
Updated•6 years ago
|
Product: Core → Firefox Build System
You need to log in
before you can comment on or make changes to this bug.
Description
•