Subject: | |
From: | |
Reply To: | |
Date: | Thu, 14 Aug 2008 15:56:29 -0500 |
Content-Type: | text/plain |
Parts/Attachments: |
|
|
Hi Jon,
You are indeed correct now that I look at things.
We had the firefox and all it's dependencies in the testing area for a while,
and it looks like the nss and nspr were updated without the testing ones being
updated.
I want to verify that this fixes the problem. I am looking at the paypal site,
but I don't know where the "run by" message is.
Troy
Jon Peatfield wrote:
> What firefox-3.0 was released for sl52 we say the following security
> updates:
>
>> SRPMS:
>> devhelp-0.12-17.el5.src.rpm
>> nss-3.12.0.3-1.el5.src.rpm
>> firefox-3.0-2.el5.src.rpm
>> xulrunner-1.9-1.el5.src.rpm
>> nspr-4.7.1-1.el5.src.rpm
>> yelp-2.16.0-19.el5.src.rpm
> ...
>
> Later when firefox-3.0.1 was also pushed to sl51, sl50 the set of packages
> updated was:
>
> ...
>> SRPMS:
>> devhelp-0.12-18.el5.src.rpm
>> firefox-3.0.1-1.el5.src.rpm
>> xulrunner-1.9.0.1-1.el5.src.rpm
>> yelp-2.16.0-20.el5.src.rpm
> ...
>
> So there were no security updates for nss, nspr at that point, and indeed
> I still seem to have nss-3.11.99.5-2.el5, nspr-4.7.0.99.2-1.el5 as the
> latest versions.
>
> This may be intended, but I notice that on an sl51 box (updated to firefox
> 3.0.1) I don't get the "Extended Validation (EV) SSL" stuff appearing in
> the location bar, but I do on a test box running sl52 also using
> firefox-3.0.1
>
> If I update just the nss* packages to the same version as in sl52 then it
> magically works. I don't know if the nspr security update is also
> actually expected by firefox-3 or not but a trivial test suggests that it
> can be updated to without obvious problems on sl51...
>
> Could/should the nss/nspr errata be pushed to sl51/sl50?
>
> [ anyone who dosn't know about the EV stuff should look at (say)
> https://www.paypal.com/ and see if the box displays a 'run by' message. ]
>
> -- Jon
--
__________________________________________________
Troy Dawson [log in to unmask] (630)840-6468
Fermilab ComputingDivision/LCSI/CSI DSS Group
__________________________________________________
|
|
|