Bug 805640 - Enhance PSM's key generation strategy with tokens/escrow
Enhance PSM's key generation strategy with tokens/escrow
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: xulrunner (Show other bugs)
Unspecified Unspecified
urgent Severity high
: rc
: ---
Assigned To: Martin Stransky
Desktop QE
: OtherQA, ZStream
: 672316 (view as bug list)
Depends On:
Blocks: 805642 811205
  Show dependency treegraph
Reported: 2012-03-21 13:50 EDT by Andrew Wnuk
Modified: 2014-03-16 21:33 EDT (History)
11 users (show)

See Also:
Fixed In Version: RHSA-2012:0515
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
: 805642 (view as bug list)
Last Closed: 2012-05-04 06:22:30 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Patch v4 from upstream (smaller context version) (14.94 KB, patch)
2012-03-22 11:11 EDT, Kai Engert (:kaie)
no flags Details | Diff

External Trackers
Tracker ID Priority Status Summary Last Updated
Mozilla Foundation 681937 None None None Never

  None (edit)
Description Andrew Wnuk 2012-03-21 13:50:57 EDT
RHCS requires the following bug to be fixed in RHEL 5.8:

This fix is critical for RHCS ECC functionality to work.
Comment 1 Kai Engert (:kaie) 2012-03-21 14:58:34 EDT
This bug requests that "patch v4" (r=rrelyea) from upstream bug

gets added to Firefox
(but I believe the relevant code lives in our xulrunner RPM package).

The full link to the patch is

This patch applies fine on the latest Firefox 10.x branch.
Comment 2 Kai Engert (:kaie) 2012-03-21 18:46:48 EDT
We propose that this patch gets added together with the next scheduled FF update (10.0.4) (sharing a single errata).
Comment 3 Kai Engert (:kaie) 2012-03-22 11:11:03 EDT
Created attachment 572018 [details]
Patch v4 from upstream (smaller context version)

This is the same patch as upstream, however, with less context (5 lines, not 50 lines, shortens the patch, increases likelyhood that patch will continue to apply).
Comment 4 Kai Engert (:kaie) 2012-03-22 11:14:32 EDT
If you need a risk assessment:

The patch is limited to changing code related to certificate key pair generation (which is only called when a user visits a CA's web page to apply for a certificate).
Comment 22 Nathan Kinder 2012-04-09 14:05:51 EDT
*** Bug 672316 has been marked as a duplicate of this bug. ***
Comment 28 Martin Stransky 2012-05-04 06:22:30 EDT
Fixed in RHSA-2012:0515.

Note You need to log in before you can comment on or make changes to this bug.