Last Comment Bug 618368 - Mozilla upgrade to NSS 3.12.9 final
: Mozilla upgrade to NSS 3.12.9 final
Status: VERIFIED FIXED
:
Product: Core
Classification: Components
Component: Security: PSM (show other bugs)
: Trunk
: All All
: -- blocker (vote)
: mozilla2.0
Assigned To: Kai Engert (:kaie)
:
Mentors:
Depends on:
Blocks: 596798 602521
  Show dependency treegraph
 
Reported: 2010-12-10 10:50 PST by Brian Smith (:briansmith, :bsmith, use NEEDINFO?)
Modified: 2011-07-27 10:41 PDT (History)
12 users (show)
See Also:
Crash Signature:
(edit)
QA Whiteboard:
Iteration: ---
Points: ---
Has Regression Range: ---
Has STR: ---
.17+
.17-fixed
.19+
.19-fixed
2.0+


Attachments

Description Brian Smith (:briansmith, :bsmith, use NEEDINFO?) 2010-12-10 10:50:54 PST
NSS 3.12.9 beta already landed; see bug 599324.
Comment 1 Brian Smith (:briansmith, :bsmith, use NEEDINFO?) 2010-12-10 10:51:38 PST
Nominating to be blocking 2.0 final; see bug 599324 comment 29.
Comment 2 Landry Breuil (:gaston) 2010-12-22 15:15:53 PST
As of 4.0b8, if one wants to build against systemwide nss/nspr, it needs 3.12.9 / nspr 4.8.7, and those are not released/available on mirrors..
Can we have an ETA for this releases ?
Comment 3 Kai Engert (:kaie) 2010-12-23 10:15:42 PST
Landry, sorry, we haven't prepared tarballs yet, we usually don't do that for beta versions.

Could you please fetch beta versions yourself from CVS?

:pserver:anonymous@cvs-mirror.mozilla.org:/cvsroot

cvs co -r NSPR_4_8_7_BETA2 mozilla/nsprpub
cvs co -r NSS_3_12_9_BETA2 mozilla/security/nss mozilla/security/coreconf \
                           mozilla/dbm mozilla/security dbm

If you don't want to pull from cvs, we plan the final release and tarballs to be available by end of first week in January.
Comment 4 Landry Breuil (:gaston) 2010-12-23 11:08:41 PST
Oh, okay. As the dependencies in configure.in were bumped to 4.8.7/3.12.9,
i thought those had been actually released. My mistake.
I'll wait for the final releases tarballs then, and stay with 4.0b7 in the meantime.
Comment 6 Landry Breuil (:gaston) 2011-01-13 05:07:19 PST
Thanks for the notice, both versions build fine on OpenBSD -current.
Comment 7 Kai Engert (:kaie) 2011-01-13 05:25:52 PST
pushed to mozilla-central.

http://hg.mozilla.org/mozilla-central/rev/17fae822d2d7
Comment 8 Kai Engert (:kaie) 2011-01-13 05:31:21 PST
Let's decide, should this be given to FF 3.6 and FF 3.5 stable branches?
Comment 9 Wan-Teh Chang 2011-01-13 10:42:28 PST
Yes, I recommend that.
Comment 10 Kai Engert (:kaie) 2011-01-13 10:47:10 PST
Requesting approval for stable branches.
Comment 11 Kai Engert (:kaie) 2011-02-16 12:46:11 PST
I didn't notice the branch approval until now.

The upgrade to NSS 3.12.9 implies the NSPR upgrade to 4.8.7
Comment 12 Kai Engert (:kaie) 2011-02-17 06:15:03 PST
Upgraded to 4.8.7 and 3.12.9 on both branches.

I reapplied the lower-dhe-priority patch
(luckily we have the security/patches directory)

I didn't see a nsprpub/patches directory, and couldn't find anything in the log,
I conclude no patches on top of NSPR are currently being used on the branches.

http://hg.mozilla.org/releases/mozilla-1.9.2/rev/62bf42e973e9
http://hg.mozilla.org/releases/mozilla-1.9.1/rev/753d58ad2332
Comment 13 Daniel Veditz [:dveditz] 2011-03-04 10:14:58 PST
The "3.6.15" we're releasing today does not fix this bug, the release containing this bug fix has been renamed to "3.6.16" and the bugzilla flags will be updated to reflect that soon. Today's release is a re-release of 3.6.14 plus a fix for a bug that prevented many Java applets from starting up.
Comment 14 Huzaifa Sidhpurwala 2011-04-08 00:14:13 PDT
Does it make sense to fix https://bugzilla.mozilla.org/show_bug.cgi?id=646460 , before we upgrade nss?

Note You need to log in before you can comment on or make changes to this bug.