Mike Perry authored 10 years ago and clairehurst committed 3 weeks ago

It looks like these cases should only be invoked in the NSS command line
tools, and not the browser, but I decided to patch them anyway because there
literally is a maze of network function pointers being passed around, and it's
very hard to tell if some random code might not pass in the proper proxied
versions of the networking code here by accident.

Bugzilla: https://bugzilla.mozilla.org/show_bug.cgi?id=1433509

Alex Catarineu authored 5 years ago and clairehurst committed 3 weeks ago

More concretely, SearchService.jsm 'hijack-blocklists' and
url-classifier-skip-urls.

Avoid creating instance for 'anti-tracking-url-decoration'.

If prefs are disabling their usage, avoid creating instances for
'cert-revocations' and 'intermediates'.

Do not ship JSON dumps for collections we do not expect to need. For
the ones in the 'main' bucket, this prevents them from being synced
unnecessarily (the code in remote-settings does so for collections
in the main bucket for which a dump or local data exists). For the
collections in the other buckets, we just save some size by not
shipping their dumps.

We also clear the collections database on the v2 -> v3 migration.

Pier Angelo Vendrame authored 2 years ago and clairehurst committed 3 weeks ago

Bug 17858: Cannot create incremental MARs for hardened builds.
Define HOST_CFLAGS, etc. to avoid compiling programs such as mbsdiff
(which is part of mar-tools and is not distributed to end-users) with
ASan.

Bug 21849: Don't allow SSL key logging.

Bug 25741 - TBA: Disable features at compile-time

Define MOZ_ANDROID_NETWORK_STATE and MOZ_ANDROID_LOCATION

Bug 27623 - Export MOZILLA_OFFICIAL during desktop builds

This fixes a problem where some preferences had the wrong default value.
Also see bug 27472 where we made a similar fix for Android.

Bug 29859: Disable HLS support for now

Bug 30463: Explicitly disable MOZ_TELEMETRY_REPORTING

Bug 32493: Disable MOZ_SERVICES_HEALTHREPORT

Bug 33734: Set MOZ_NORMANDY to False

Bug 33851: Omit Parental Controls.

Bug 40252: Add --enable-rust-simd to our tor-browser mozconfig files

Bug 41584: Move some configuration options to base-browser level

Differential Revision: https://phabricator.services.mozilla.com/D239319

Differential Revision: https://phabricator.services.mozilla.com/D238938

Differential Revision: https://phabricator.services.mozilla.com/D238436

Original Revision: https://phabricator.services.mozilla.com/D236890

Differential Revision: https://phabricator.services.mozilla.com/D238183

Differential Revision: https://phabricator.services.mozilla.com/D238022

Differential Revision: https://phabricator.services.mozilla.com/D237538

Differential Revision: https://phabricator.services.mozilla.com/D237018

Differential Revision: https://phabricator.services.mozilla.com/D235589

2025-01-23  Dennis Jackson  <djackson@mozilla.com>

	* doc/rst/releases/index.rst:
	Add release notes for 3.101.3
	[60be34d595b6] [NSS_3_101_3_RTM] <NSS_3_101_BRANCH>

	* lib/nss/nss.h, lib/softoken/softkver.h, lib/util/nssutil.h:
	Set verion numbers to 3.101.3
	[b799d486b567] <NSS_3_101_BRANCH>

2024-12-09  Maurice Dauer  <mdauer@mozilla.com>

	* lib/pkcs7/certread.c:
	Bug 1935984 - Ensure zero-initialization of collectArgs.cert,
	r=djackson,nss-reviewers

	[0c5bfd138fec] <NSS_3_101_BRANCH>

2024-12-06  Dana Keeler  <dkeeler@mozilla.com>

	* lib/softoken/pkcs11.c, lib/util/utilmod.c:
	Bug 1927953 - don't look for secmod.db in nssutil_ReadSecmodDB if
	NSS_DISABLE_DBM is set r=jschanck

	[2c13c7018b61] <NSS_3_101_BRANCH>

2024-11-27  Anna Weine  <anna.weine@mozilla.com>

	* lib/dev/devutil.c:
	Bug 1926256 - fix build error from 9505f79d r=jschanck

	[4a2a05674aa3] <NSS_3_101_BRANCH>

2024-11-26  John Schanck  <jschanck@mozilla.com>

	* lib/dev/devutil.c:
	Bug 1926256 - simplify error handling in
	get_token_objects_for_cache. r=rrelyea

	[72dc849de263] <NSS_3_101_BRANCH>

2024-10-21  John Schanck  <jschanck@mozilla.com>

	* cmd/pk12util/pk12util.c:
	Bug 1923767 - pk12util: improve error handling in
	p12U_ReadPKCS12File. r=nss-reviewers,nkulatova

	[23e5b96bfbdb] <NSS_3_101_BRANCH>

2024-09-24  ISHIKAWA, Chiaki  <ishikawa@yk.rim.or.jp>

	* lib/ssl/sslsnce.c:
	Bug 1909768 - UBSAN fix: applying zero offset to null pointer in
	sslsnce.c. r=kaie

	[49a0f03dc97b] <NSS_3_101_BRANCH>

2024-07-25  John Schanck  <jschanck@mozilla.com>

	* lib/softoken/pkcs11u.c:
	Bug 1908623 - move list size check after lock acquisition in
	sftk_PutObjectToList. r=rrelyea,nss-reviewers

	[b936ef0a883b] <NSS_3_101_BRANCH>

2024-09-26  Kai Engert  <kaie@kuix.de>

	* lib/pkcs7/p7decode.c:
	Bug 1899402 - Correctly destroy bulkkey in error scenario.
	r=jschanck

	[3200544b1a70] <NSS_3_101_BRANCH>

2024-07-29  John Schanck  <jschanck@mozilla.com>

	* lib/nss/nss.h, lib/softoken/softkver.h, lib/util/nssutil.h:
	Set version numbers to 3.101.2
	[f0fd00e7f8ee] <NSS_3_101_BRANCH>

2024-07-24  John Schanck  <jschanck@mozilla.com>

	* .hgtags:
	Added tag NSS_3_101_2_RTM for changeset 1204ed03458f
	[d7839c5f949e] <NSS_3_101_BRANCH>

Original Revision: https://phabricator.services.mozilla.com/D235304

Differential Revision: https://phabricator.services.mozilla.com/D235306

Differential Revision: https://phabricator.services.mozilla.com/D235292

Differential Revision: https://phabricator.services.mozilla.com/D234822

Differential Revision: https://phabricator.services.mozilla.com/D234482

Original Revision: https://phabricator.services.mozilla.com/D233775

Differential Revision: https://phabricator.services.mozilla.com/D233880

Differential Revision: https://phabricator.services.mozilla.com/D234004

Original Revision: https://phabricator.services.mozilla.com/D233775

Differential Revision: https://phabricator.services.mozilla.com/D233880

Differential Revision: https://phabricator.services.mozilla.com/D233642

Bug 1940172 - regenerate test certificates for 2025 r=jschanck,necko-reviewers,kershaw,robwu,extension-reviewers a=test-only

* the certificates were regenerated using ./mach generate-test-certs
* the build/pgo/certs/ changes were made using ./mach python build/pgo/genpgocert.py
* the zip files in security/manager/ssl/tests/unit/test_signed_apps/ were updated per the directions in the corresponding moz.build file
* security/manager/ssl/tests/unit/test_cert_override_read.js was updated per the instructions in its output
* this text was copied and updated from the previous regeneration bug, bug 1874627

These certificates and other test artifacts will now expire in 2026.

Bug 1939625 - update test certificate serial numbers referenced in test_cert_storage.js and reenable it. r=aryx, a=test-only

Bug 1939625 - remove hardcoded certificate validity from .certspec files  of some test certs and regenerate them. r=keeler, a=test-only

Differential Revision: https://phabricator.services.mozilla.com/D232388

Differential Revision: https://phabricator.services.mozilla.com/D231923

Differential Revision: https://phabricator.services.mozilla.com/D231521

Differential Revision: https://phabricator.services.mozilla.com/D231215

Differential Revision: https://phabricator.services.mozilla.com/D230505

Differential Revision: https://phabricator.services.mozilla.com/D230090

Differential Revision: https://phabricator.services.mozilla.com/D229316

Differential Revision: https://phabricator.services.mozilla.com/D228961

Differential Revision: https://phabricator.services.mozilla.com/D228573

Differential Revision: https://phabricator.services.mozilla.com/D228324

Differential Revision: https://phabricator.services.mozilla.com/D227810

Differential Revision: https://phabricator.services.mozilla.com/D227484

Differential Revision: https://phabricator.services.mozilla.com/D226304

Differential Revision: https://phabricator.services.mozilla.com/D225952

Differential Revision: https://phabricator.services.mozilla.com/D225494

Differential Revision: https://phabricator.services.mozilla.com/D225192