Mozilla upgrade to NSS 3.12.9 final

VERIFIED FIXED in mozilla2.0

Status

()

Core
Security: PSM
--
blocker
VERIFIED FIXED
7 years ago
6 years ago

People

(Reporter: briansmith, Assigned: kaie)

Tracking

Trunk
mozilla2.0
Points:
---
Dependency tree / graph

Firefox Tracking Flags

(blocking1.9.2 .17+, status1.9.2 .17-fixed, blocking1.9.1 .19+, status1.9.1 .19-fixed, fennec2.0+)

Details

NSS 3.12.9 beta already landed; see bug 599324.
Nominating to be blocking 2.0 final; see bug 599324 comment 29.
blocking2.0: --- → ?
tracking-fennec: --- → ?
Target Milestone: --- → mozilla2.0

Updated

7 years ago
tracking-fennec: ? → 2.0+
(Assignee)

Updated

7 years ago
Assignee: nobody → kaie
As of 4.0b8, if one wants to build against systemwide nss/nspr, it needs 3.12.9 / nspr 4.8.7, and those are not released/available on mirrors..
Can we have an ETA for this releases ?
(Assignee)

Comment 3

7 years ago
Landry, sorry, we haven't prepared tarballs yet, we usually don't do that for beta versions.

Could you please fetch beta versions yourself from CVS?

:pserver:anonymous@cvs-mirror.mozilla.org:/cvsroot

cvs co -r NSPR_4_8_7_BETA2 mozilla/nsprpub
cvs co -r NSS_3_12_9_BETA2 mozilla/security/nss mozilla/security/coreconf \
                           mozilla/dbm mozilla/security dbm

If you don't want to pull from cvs, we plan the final release and tarballs to be available by end of first week in January.
Oh, okay. As the dependencies in configure.in were bumped to 4.8.7/3.12.9,
i thought those had been actually released. My mistake.
I'll wait for the final releases tarballs then, and stay with 4.0b7 in the meantime.
(Assignee)

Comment 5

7 years ago
The releases are tagged and tarballs uploaded.
ftp://ftp.mozilla.org/pub/mozilla.org/nspr/releases/v4.8.7/src/
ftp://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_12_9_RTM/src/
Thanks for the notice, both versions build fine on OpenBSD -current.
(Assignee)

Comment 7

7 years ago
pushed to mozilla-central.

http://hg.mozilla.org/mozilla-central/rev/17fae822d2d7
Status: NEW → RESOLVED
blocking2.0: ? → ---
Last Resolved: 7 years ago
Resolution: --- → FIXED
(Assignee)

Comment 8

7 years ago
Let's decide, should this be given to FF 3.6 and FF 3.5 stable branches?

Comment 9

7 years ago
Yes, I recommend that.
(Assignee)

Comment 10

7 years ago
Requesting approval for stable branches.
blocking1.9.1: --- → ?
blocking1.9.2: --- → ?
blocking1.9.1: ? → .18+
blocking1.9.2: ? → .15+
status1.9.1: --- → wanted
status1.9.2: --- → wanted
Blocks: 602521
(Assignee)

Comment 11

6 years ago
I didn't notice the branch approval until now.

The upgrade to NSS 3.12.9 implies the NSPR upgrade to 4.8.7
(Assignee)

Comment 12

6 years ago
Upgraded to 4.8.7 and 3.12.9 on both branches.

I reapplied the lower-dhe-priority patch
(luckily we have the security/patches directory)

I didn't see a nsprpub/patches directory, and couldn't find anything in the log,
I conclude no patches on top of NSPR are currently being used on the branches.

http://hg.mozilla.org/releases/mozilla-1.9.2/rev/62bf42e973e9
http://hg.mozilla.org/releases/mozilla-1.9.1/rev/753d58ad2332
status1.9.1: wanted → .18-fixed
status1.9.2: wanted → .15-fixed
Status: RESOLVED → VERIFIED
The "3.6.15" we're releasing today does not fix this bug, the release containing this bug fix has been renamed to "3.6.16" and the bugzilla flags will be updated to reflect that soon. Today's release is a re-release of 3.6.14 plus a fix for a bug that prevented many Java applets from starting up.

Comment 14

6 years ago
Does it make sense to fix https://bugzilla.mozilla.org/show_bug.cgi?id=646460 , before we upgrade nss?
Blocks: 596798
You need to log in before you can comment on or make changes to this bug.