834741 - Mozilla 20 needs final NSPR 4.9.5 and final NSS 3.14.2

Status: RESOLVED FIXED

(Core :: Security: PSM, defect)

Description

[Kai Engert (:KaiE:)]

In bug 823705, Mozilla revceived NSPR/NSS beta versions, and current aurora 20 still uses them.

Per policy, we must update them to final NSPR/NSS releases, and we should do so soon, prior to the next branch merge date.

NSPR/NSS teams are willing to create releases soon.

I just tagged updated beta versions NSPR_4_9_5_BETA2 and NSS_3_14_2_BETA2, and I have r=wtc for landing them into mozilla-central.

If things look good, I'll shortly request to land them into aurora.

Comment 1

[Kai Engert (:KaiE:)]

Attachment: placeholder for approval

Comment 2

[Kai Engert (:KaiE:)]

https://hg.mozilla.org/integration/mozilla-inbound/rev/afdf04262e61

Please leave open, we'll still need to land the RTMs.

Comment 3

[Kai Engert (:KaiE:)]

Note regarding aurora approval:

- I'd like to land the NSPR/NSS betas into aurora as soon as possible (e.g. by tuesday 29)
- the final NSPR/NSS RTMs will be very close to the betas I've landed today 
  into mozilla-central
- once we have the final NSPR/NSS RTMs (ETA: February 1st),
  I'd like to land them into aurora, too.

Thanks

Comment 4

[Lukas Blakk [:lsblakk] use ?needinfo]

Comment on attachment 706408 [details]
placeholder for approval

Approving and thank you for getting this ready in Aurora.

Comment 5

[Ryan VanderMeulen [:RyanVM]]

https://hg.mozilla.org/mozilla-central/rev/afdf04262e61

Comment 6

[Brian Smith (:briansmith, :bsmith, use NEEDINFO?)]

Note that mozilla-inbound has a private patch NSS on it (after the last checkin for this bug), so the next update of NSS will need to deal with that patch.

Comment 7

[Kai Engert (:KaiE:)]

(In reply to Brian Smith (:bsmith) from comment #6)
> Note that mozilla-inbound has a private patch NSS on it (after the last
> checkin for this bug), so the next update of NSS will need to deal with that
> patch.

Which patch?

Comment 8

[Brian Smith (:briansmith, :bsmith, use NEEDINFO?)]

(In reply to Kai Engert (:kaie) from comment #7)
> (In reply to Brian Smith (:bsmith) from comment #6)
> > Note that mozilla-inbound has a private patch NSS on it (after the last
> > checkin for this bug), so the next update of NSS will need to deal with that
> > patch.
> 
> Which patch?

Bug 834091. It is documented in security/patches/README.

Comment 9

[Brian Smith (:briansmith, :bsmith, use NEEDINFO?)]

https://hg.mozilla.org/integration/mozilla-inbound/rev/80fed51ae074

Updates NSS to NSS 3.14.2 BETA 3 (NSS_3_14_2_BETA3) + the private patch for bug 834091.

I verified that a build with "export CC=clang / export CXX=clang++" in my mozconfig succeeds.

Comment 10

[Phil Ringnalda (:philor)]

https://hg.mozilla.org/mozilla-central/rev/80fed51ae074

Comment 11

[Mike Hommey [:glandium]]

Is the patch for bug 834091 planned to make it to nss 3.14.2?

Comment 12

[Brian Smith (:briansmith, :bsmith, use NEEDINFO?)]

I think NSS 3.14.2 will ship before I have a chance to finish the other work on that function. I am planning for NSS 3.14.3 having the replacement for the new function; see bug 808224.

Comment 13

[Kai Engert (:KaiE:)]

Lukas, thanks for approving.

Landed NSPR_4_9_5_BETA2 and NSS_3_14_2_BETA3 into mozilla-aurora:
  https://hg.mozilla.org/releases/mozilla-aurora/rev/d5b2e09813ac

Please leave bug open, not yet marking fixed, because we still need to land the final releases (which will have very little changes on top).

Comment 14

[Kai Engert (:KaiE:)]

Landed into mozilla-central, while keeping the locally applied patch (which is in mozilla-central, only).

https://hg.mozilla.org/integration/mozilla-inbound/rev/d7f4807655ec

(Mozilla aurora will be done after it arrived in mozilla-central - without that local patch).

Comment 15

[Ryan VanderMeulen [:RyanVM]]

https://hg.mozilla.org/mozilla-central/rev/d7f4807655ec

Comment 16

[Kai Engert (:KaiE:)]

https://hg.mozilla.org/releases/mozilla-aurora/rev/937723141e92