Bug 830302 - Update RHEL 6.x to NSS 3.13.5 and NSPR 4.9.1 for Mozilla 10.0.6
Update RHEL 6.x to NSS 3.13.5 and NSPR 4.9.1 for Mozilla 10.0.6
Status: CLOSED DUPLICATE of bug 837089
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: nss (Show other bugs)
Unspecified Unspecified
high Severity unspecified
: rc
: ---
Assigned To: Elio Maldonado Batiz
Aleš Mareček
: Rebase, ZStream
Depends On: 833149 833480
Blocks: 834100
  Show dependency treegraph
Reported: 2012-06-08 15:25 EDT by Kai Engert (:kaie)
Modified: 2012-11-19 11:54 EST (History)
8 users (show)

See Also:
Fixed In Version: nss-3.13.5-2.el6
Doc Type: Rebase: Bug Fixes and Enhancements
Doc Text:
Story Points: ---
Clone Of:
: 833149 833480 (view as bug list)
Last Closed: 2012-10-29 12:40:22 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Kai Engert (:kaie) 2012-06-08 15:25:07 EDT
Mozilla 10.0.6 is scheduled for mid July.

We had earlier discussed this might be the right time to pick up NSS 3.13.4 (which has been shipped by upstream already in Mozilla 10.0.5).

Meanwhile NSS 3.13.5 has been released, which has minimal changes on top of 3.13.4, but contains a highly recommended correctness fix.

Therefore I propose to update to NSS 3.13.5 for RHEL 6 together with the next planned stable Mozilla release 10.0.6  (which will either ship with 3.13.4 or 3.13.5).

In addition, together with NSS 3.13.5, also NSPR 4.9.1 was released. Upstream 10.0.6 might keep the older NSPR, however, NSPR 4.9.1 picks up correctness fixes and has very few other changes (mostly outside the Linux domain). Although not strictly necessary, I recommend updating to NSPR 4.9.1 because of the minimal amount of changes and for versioning consistency.
Comment 10 Huzaifa S. Sidhpurwala 2012-06-20 00:58:51 EDT
Sure, but if I include CVE-2012-0441 in it, it could become an ASYNC advisory.
Comment 13 Karel Srot 2012-10-29 12:40:22 EDT
Closing this y-stream original of a z-stream bug since it is overridden by rhel-6.4 bug 837089.

*** This bug has been marked as a duplicate of bug 837089 ***

Note You need to log in before you can comment on or make changes to this bug.