[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: 03/03: gnu: nss, nss-certs: Update to 3.27.2.
From: |
Leo Famulari |
Subject: |
Re: 03/03: gnu: nss, nss-certs: Update to 3.27.2. |
Date: |
Tue, 20 Dec 2016 14:39:26 -0500 |
User-agent: |
Mutt/1.7.1 (2016-10-04) |
On Tue, Dec 20, 2016 at 01:56:03PM -0500, Mark H Weaver wrote:
> > gnu: nss, nss-certs: Update to 3.27.2.
> >
> > * gnu/packages/gnuzilla.scm (nss): Update to 3.27.2.
> > * gnu/packages/certs.scm (nss-certs): Update to 3.27.2.
>
> Thanks for this, but unfortunately this version of 'nss' seems to
> consistently fail its test suite on armhf, or at least it has failed 3
> times in a row.
>
> https://hydra.gnu.org/build/1712083
Thanks for pointing this out.
> Given the importance of the proper functioning of this package, I'm not
> comfortable disabling the tests.
I agree.
> Do we have reason to believe that this update fixes security flaws? Is
> there a compelling reason not to revert this update until a version is
> released that passes the test suite on our supported systems?
Not as far as I know, although I assume there are some sort of trust
"problems" fixed in each release of nss-certs.
I'll revert it and investigate. I'd rather not wait for an upstream fix
if we can help it.
I notice know that this release appears to require a newer version of
nspr than we package [0]:
"The HG tag is NSS_3_27_2_RTM. NSS 3.27.2 requires NSPR 4.13 or newer."
What do you recommend I do? How about I make an nss-updates branch with
updates to nspr, nss, nss-certs, and possibly other updates in (gnu
packages gnuzilla), and build it on Hydra when resources are available?
[0]
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.27.2_Release_Notes
signature.asc
Description: PGP signature