Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

firefox, firefox-bin: 72.0.2 -> 73.0 [WIP] #80119

Closed
wants to merge 10 commits into from
Closed

firefox, firefox-bin: 72.0.2 -> 73.0 [WIP] #80119

wants to merge 10 commits into from

Conversation

tokudan
Copy link
Contributor

@tokudan tokudan commented Feb 14, 2020

Motivation for this change

Backport to stable due to security fixes.
Security advisory: https://www.mozilla.org/en-US/security/advisories/mfsa2020-05/

Included commits:
1c0b278 a085e9c 6da3b5e 48603cd 9f07ede 82d9ce4 187d691 8019df9 1192073 f43fdd1 d6b7a99 7a625e7

Things done
  • Tested using sandboxing (nix.useSandbox on NixOS, or option sandbox in nix.conf on non-NixOS linux)
  • Built on platform(s)
    • NixOS
    • macOS
    • other Linux distributions
  • Tested via one or more NixOS test(s) if existing and applicable for the change (look inside nixos/tests)
  • Tested compilation of all pkgs that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review wip"
  • Tested execution of all binary files (usually in ./result/bin/)
  • Determined the impact on package closure size (by running nix path-info -S before and after)
  • Ensured that relevant documentation is up to date
  • Fits CONTRIBUTING.md.

andir and others added 10 commits February 14, 2020 16:18
@andir @tokudan
nss: 3.46.1 -> 3.47.1
a88ee2b 
(cherry picked from commit 1c0b278)
@globin @tokudan
nss: *Flags are lists
f1221d2 
(cherry picked from commit a085e9c)
@andir @tokudan
nss: 3.47.1 -> 3.48.1
6c4ff06 
(cherry picked from commit 6da3b5e)
@andir @tokudan
nss: 3.48 -> 3.49.2
7799d5f 
(cherry picked from commit 48603cd)
@r-ryantm @tokudan
rust-cbindgen: 0.9.1 -> 0.10.0
206df4c 
(cherry picked from commit 9f07ede)
@andir @tokudan
rust-cbindgen: 0.10.0 -> 0.13.1
12b3a5d 
(cherry picked from commit 82d9ce4)
@andir @tokudan
firefox: prepare for 73.0
ba05a04 
(cherry picked from commit 187d691)
@andir @tokudan
firefox: 72.0.2 -> 73.0
6cdf080 
(cherry picked from commit 8019df9)
@andir @tokudan
firefox-bin: 72.0.3 -> 73.0
922b22f 
(cherry picked from commit 1192073)
@andir @tokudan
firefox-esr: 68.4.2esr -> 68.5.0esr
c62cb14 
(cherry picked from commit f43fdd1)
@tokudan
Copy link
Contributor Author

tokudan commented Feb 14, 2020

@GrahamcOfBorg test firefox
@GrahamcOfBorg build firefox firefox-bin

@tokudan
Copy link
Contributor Author

tokudan commented Feb 17, 2020

@GrahamcOfBorg test firefox
@GrahamcOfBorg build firefox firefox-bin

@ofborg ofborg bot removed the 6.topic: nixos label Feb 17, 2020
@ofborg ofborg bot requested review from edolstra, jtojnar and andir February 17, 2020 14:54
@vcunat vcunat mentioned this pull request Feb 17, 2020
Merged
10 tasks
@andir
Copy link
Member

andir commented Feb 17, 2020

I've been avoiding to do the global NSS (sqlite, nspr, …) bumps on stable branches. I am not sure we want to start with this so late in the release cycle.

@andir
Copy link
Member

andir commented Feb 17, 2020

Also while trying to build nss on this branch I get:

ix_pl_nss/module/Linux5.4_x86_64_gcc_glibc_PTH_64_OPT.OBJ/pkix_pl_nsscontext.o ../libpkix/pkix_pl_nss/module/Linux5.4_x86_64_gcc_glibc_PTH_64_OPT.OBJ/pkix_pl_pk11certstore.o ../libpkix/pkix_pl_nss/module/Linux5.4_x86_64_gcc_glibc_PTH_64_OPT.OBJ/pkix_pl_socket.o   -L/nix/store/hl2hlln6k9gh24kxp9a4kvvx635gfkcj-nss-3.49.2/Linux5.4_x86_64_gcc_glibc_PTH_64_OPT.OBJ/lib -L/nix/store/hl2hlln6k9gh24kxp9a4kvvx635gfkcj-nss-3.49.2/Linux5.4_x86_64_gcc_glibc_PTH_64_OPT.OBJ/lib -lnssutil3 -L/nix/store/3i0v28jxrzwh5h5zndf6ginvsscj4m07-nspr-4.21/lib -lplc4 -lplds4 -lnspr4  -lpthread  -ldl -lc
/nix/store/ajrrkivdfvp8dp4vdg5hp1h5hblmanc9-binutils-2.31.1/bin/ld: ../certdb/Linux5.4_x86_64_gcc_glibc_PTH_64_OPT.OBJ/certdb.o: in function `CERT_UnlockCertTrust':
certdb.c:(.text.CERT_UnlockCertTrust+0x1f): undefined reference to `PR_ASSERT_ARG'
/nix/store/ajrrkivdfvp8dp4vdg5hp1h5hblmanc9-binutils-2.31.1/bin/ld: ../certdb/Linux5.4_x86_64_gcc_glibc_PTH_64_OPT.OBJ/certdb.o: in function `CERT_UnlockCertTempPerm':
certdb.c:(.text.CERT_UnlockCertTempPerm+0x1f): undefined reference to `PR_ASSERT_ARG'
collect2: error: ld returned 1 exit status
make[2]: *** [../../coreconf/rules.mk:291: Linux5.4_x86_64_gcc_glibc_PTH_64_OPT.OBJ/libnss3.so] Error 1

@GrahamcOfBorg build nss

@andir
Copy link
Member

andir commented Feb 18, 2020

@tokudan thanks for the effort. I went with the other PR instead as that had less impact and did not show the compiler error seen here.

@andir andir closed this Feb 18, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@edolstra edolstra Awaiting requested review from edolstra

@jtojnar jtojnar Awaiting requested review from jtojnar

@andir andir Awaiting requested review from andir

Assignees
No one assigned
Labels
10.rebuild-darwin: 501+ 10.rebuild-darwin: 1001-2500 10.rebuild-linux: 501+ 10.rebuild-linux: 5001+
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@tokudan @andir @globin @r-ryantm