Subject: | |
From: | |
Reply To: | |
Date: | Thu, 14 Aug 2008 21:33:21 +0100 |
Content-Type: | TEXT/PLAIN |
Parts/Attachments: |
|
|
What firefox-3.0 was released for sl52 we say the following security
updates:
> SRPMS:
> devhelp-0.12-17.el5.src.rpm
> nss-3.12.0.3-1.el5.src.rpm
> firefox-3.0-2.el5.src.rpm
> xulrunner-1.9-1.el5.src.rpm
> nspr-4.7.1-1.el5.src.rpm
> yelp-2.16.0-19.el5.src.rpm
...
Later when firefox-3.0.1 was also pushed to sl51, sl50 the set of packages
updated was:
...
> SRPMS:
> devhelp-0.12-18.el5.src.rpm
> firefox-3.0.1-1.el5.src.rpm
> xulrunner-1.9.0.1-1.el5.src.rpm
> yelp-2.16.0-20.el5.src.rpm
...
So there were no security updates for nss, nspr at that point, and indeed
I still seem to have nss-3.11.99.5-2.el5, nspr-4.7.0.99.2-1.el5 as the
latest versions.
This may be intended, but I notice that on an sl51 box (updated to firefox
3.0.1) I don't get the "Extended Validation (EV) SSL" stuff appearing in
the location bar, but I do on a test box running sl52 also using
firefox-3.0.1
If I update just the nss* packages to the same version as in sl52 then it
magically works. I don't know if the nspr security update is also
actually expected by firefox-3 or not but a trivial test suggests that it
can be updated to without obvious problems on sl51...
Could/should the nss/nspr errata be pushed to sl51/sl50?
[ anyone who dosn't know about the EV stuff should look at (say)
https://www.paypal.com/ and see if the box displays a 'run by' message. ]
-- Jon
|
|
|