svn commit: r524147 - in head/security: ca_root_nss nss
Jan Beich
jbeich at FreeBSD.org
Wed Jan 29 04:35:14 UTC 2020
Matthias Andree <matthias.andree at tu-dortmund.de> writes:
> Am January 27, 2020 10:28:42 PM UTC schrieb Jan Beich <jbeich at FreeBSD.org>:
>>Matthias Andree <matthias.andree at tu-dortmund.de> writes:
>>
>>> Am 27.01.20 um 19:32 schrieb Jan Beich:
>>>
>>>> Renato Botelho <garga at FreeBSD.org> writes:
>>>>
>>>>> On 25/01/20 21:20, Jan Beich wrote:
>>>>>
>>>>>> Author: jbeich
>>>>>> Date: Sun Jan 26 00:20:01 2020
>>>>>> New Revision: 524147
>>>>>> URL: https://svnweb.freebsd.org/changeset/ports/524147
>>>>>> Log:
>>>>>> security/nss: update to 3.49.2
>>>>>> Changes:
>>>>>>
>>https://developer.mozilla.org/docs/Mozilla/Projects/NSS/NSS_3.49.2_release_notes
>>>>>>
>>Changes: https://hg.mozilla.org/projects/nss/shortlog/NSS_3_49_2_RTM
>>>>>> ABI: https://abi-laboratory.pro/tracker/timeline/nss/
>>>>>> Reported by: Repology
>>>>>
>>>>> After this change it started failing to build on 11.3-STABLE armv6
>>>>> with the following error:
>>>> [...]
>>>>> In file included from gcm-arm32-neon.c:16:
>>>>> /nxb-bin/usr/lib/clang/8.0.1/include/arm_neon.h:28:2: error: "NEON
>>>>> support not enabled"
>>>>> #error "NEON support not enabled"
>>>>> ^
>>>>> 1 error generated.
>>>>
>>>> Needs to be reported upstream. Only Tier1 architectures are critical
>>>> enough to delay or block updates.
>>>>
>>>
>>> Jan, the upgrade isn't marked security, why the rush?
>>
>>Agree but only after checking upstream commits. Mozilla often delays
>>advisories for bundled libraries under the veil of "responsible
>>disclosure"
>>to align with Firefox releases.
>>
>>Note, Firefox 73 which should have RC1 on 2020-02-04 (1 week from now)
>>will require NSS 3.49.2.
>
> Same story, I build each upstream release on head/ half a dozen times
> because we package RCs without marking them so. Why the rush?
I've explained in https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=214070
Downstream builds are frequently looked down for being out-of-date,
having weird configuration and non-upstreamed patches.
More information about the svn-ports-head
mailing list