|
From: | Tobias Geerinckx-Rice |
Subject: | bug#32026: [PATCH v3 10/11] gnu: nss-next: Update to 3.88.1 [fixes CVE-2023-0767]. |
Date: | Sat, 18 Feb 2023 20:49:36 +0100 |
Maxim Cournoyer 写道:
It's already been pushed for nss-next, and Tobias has taken care of grafting our main 'nss' package, which has many dependents. See commits246a3d90eac82966b691bdca4660ab9c5d802631 and b04ee227a47419291391a2b6e857e41ed1c32155, respectively.
Grafting such a big version jump made me nervous.I did so anyway, partially on Mozilla's assurance (FWIW) that it's ABI-compatible, but mainly because I dare not vouch for a single cherry-pick to 3.81 actually keeping users safe.
I'd much rather deal with ABI bug reports than the alternative :-) Kind regards, T G-R
signature.asc
Description: PGP signature
[Prev in Thread] | Current Thread | [Next in Thread] |