Closed
Bug 494236
Opened 16 years ago
Closed 16 years ago
update central and 1.9.1 to pick up NSS 3.12.3 + new roots from bug 493660
Categories
(Core :: Security: PSM, defect)
Tracking
()
RESOLVED
FIXED
People
(Reporter: KaiE, Assigned: johnath)
References
Details
(Keywords: fixed1.9.1)
Attachments
(2 files, 2 obsolete files)
(deleted),
patch
|
Details | Diff | Splinter Review | |
(deleted),
patch
|
Details | Diff | Splinter Review |
update mozilla-1.9.1 to pick up NSS 3.12.3 + new roots from bug 493660
Today Nelson will create a new NSS tag.
We'll announce this tag here.
Once it's done, the tag needs to be added to hg / mozilla-1.9.1
Firefox drivers, would you like to state in this bug that you approve this action?
Thanks.
We usually don't produce a patch. We run a script to land it as explained at https://developer.mozilla.org/en/Updating_NSPR_or_NSS_in_mozilla-central (use the update_nss part)
Assigning to Johnath, as he'll probably drive the commit.
Comment 1•16 years ago
|
||
a191=beltzner after it's had a green cycle on mozilla-central
Comment 2•16 years ago
|
||
I've just created the CVS tag NSS_3_12_3_WITH_CKBI_1_75_RTM for the NSS module.
It is identical to the NSS_3_12_3_RTM tag (which is what is presently being
used in FF 3.5) with the exception of the built-in root CA certs, which is
identical to the tag NSSCKBI_1_75_RTM (bug 493660).
Assignee | ||
Comment 3•16 years ago
|
||
This is the result of running through the steps at:
https://developer.mozilla.org/en/Updating_NSPR_or_NSS_in_mozilla-central
Nelson, I don't need your actual review since this is just picking up code that's had review elsewhere and this looks to me like it has what it should and little else. Nevertheless, I'd love to know if it looks the same to you.
Comment 4•16 years ago
|
||
Comment on attachment 378960 [details] [diff] [review]
1.9.1 patch to move to NSS_3_12_3_WITH_CKBI_1_75_RTM
Kai,
Is the change in your patch to nss/lib/ckfw/Makefile accidental?
Given that NSS QA testing does not test the "capi" module, do
we really want Firefox builds to build it?
Assignee | ||
Comment 5•16 years ago
|
||
Nelson and I are having a conversation in email with stakeholders/product drivers about whether we can move mozilla-central to this tag as well, given that mozilla-central is already running on a 3.12.4 release. If we don't see any showstopper issues with the approach, this is the patch that results from running
python client.py update_nss NSS_3_12_3_WITH_CKBI_1_75_RTM
Assignee | ||
Comment 6•16 years ago
|
||
Per Nelson's comment, this looks to be accidental.
Attachment #378960 -
Attachment is obsolete: true
Reporter | ||
Comment 7•16 years ago
|
||
(In reply to comment #4)
> (From update of attachment 378960 [details] [diff] [review])
> Kai,
> Is the change in your patch to nss/lib/ckfw/Makefile accidental?
> Given that NSS QA testing does not test the "capi" module, do
> we really want Firefox builds to build it?
No, not accidental.
Was necessary to get the tinderbox go green on all platforms, including wince.
We don't want to build it.
Assignee | ||
Comment 8•16 years ago
|
||
Will get beltzner/shaver's opinion on using this 3_12_4-based tag instead of reverting trunk to 3_12_3 - discussion continuing in email. This is here for posterity/sanity checking. Kai confirms that these are the only files that should be changed.
Attachment #378965 -
Attachment is obsolete: true
Assignee | ||
Comment 9•16 years ago
|
||
Discussed this with drivers, agreed to use the NSS_3_12_4_FIPS1_WITH_CKBI_1_75
Landed on central along side bug 493709
http://hg.mozilla.org/mozilla-central/rev/7509164476e8
After a clean baking cycle, I will land the 1.9.1 versions.
Summary: update mozilla-1.9.1 to pick up NSS 3.12.3 + new roots from bug 493660 → update central and 1.9.1 to pick up NSS 3.12.3 + new roots from bug 493660
Assignee | ||
Updated•16 years ago
|
Status: NEW → RESOLVED
Closed: 16 years ago
Resolution: --- → FIXED
Assignee | ||
Comment 10•16 years ago
|
||
Baking was clean - landed on 1.9.1
http://hg.mozilla.org/releases/mozilla-1.9.1/rev/40faadef447e
Keywords: fixed1.9.1
You need to log in
before you can comment on or make changes to this bug.
Description
•