From owner-svn-ports-all@freebsd.org Wed Jan 29 04:35:14 2020 Return-Path: Delivered-To: svn-ports-all@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 5FD3E1B7B17; Wed, 29 Jan 2020 04:35:14 +0000 (UTC) (envelope-from jbeich@freebsd.org) Received: from freefall.freebsd.org (freefall.freebsd.org [96.47.72.132]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "freefall.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 486rJ21jb3z46SJ; Wed, 29 Jan 2020 04:35:14 +0000 (UTC) (envelope-from jbeich@freebsd.org) Received: by freefall.freebsd.org (Postfix, from userid 1354) id 19D4321D2; Wed, 29 Jan 2020 04:35:14 +0000 (UTC) From: Jan Beich To: Matthias Andree Cc: svn-ports-head@freebsd.org, Glen Barber , svn-ports-all@freebsd.org, Renato Botelho , ports-committers@freebsd.org Subject: Re: svn commit: r524147 - in head/security: ca_root_nss nss References: <202001260020.00Q0K1cG087750@repo.freebsd.org> <35c29ce8-67ab-61ea-b895-f70d2b6044fa@FreeBSD.org> <1rrk-jzz9-wny@FreeBSD.org> <6130DF4A-9A8A-4175-B79F-6DAAB63A8872@tu-dortmund.de> Date: Wed, 29 Jan 2020 05:35:11 +0100 In-Reply-To: <6130DF4A-9A8A-4175-B79F-6DAAB63A8872@tu-dortmund.de> (Matthias Andree's message of "Tue, 28 Jan 2020 16:43:15 +0000") Message-ID: MIME-Version: 1.0 Content-Type: text/plain X-BeenThere: svn-ports-all@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: SVN commit messages for the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 29 Jan 2020 04:35:14 -0000 Matthias Andree writes: > Am January 27, 2020 10:28:42 PM UTC schrieb Jan Beich : >>Matthias Andree writes: >> >>> Am 27.01.20 um 19:32 schrieb Jan Beich: >>> >>>> Renato Botelho writes: >>>> >>>>> On 25/01/20 21:20, Jan Beich wrote: >>>>> >>>>>> Author: jbeich >>>>>> Date: Sun Jan 26 00:20:01 2020 >>>>>> New Revision: 524147 >>>>>> URL: https://svnweb.freebsd.org/changeset/ports/524147 >>>>>> Log: >>>>>> security/nss: update to 3.49.2 >>>>>> Changes: >>>>>> >>https://developer.mozilla.org/docs/Mozilla/Projects/NSS/NSS_3.49.2_release_notes >>>>>> >>Changes: https://hg.mozilla.org/projects/nss/shortlog/NSS_3_49_2_RTM >>>>>> ABI: https://abi-laboratory.pro/tracker/timeline/nss/ >>>>>> Reported by: Repology >>>>> >>>>> After this change it started failing to build on 11.3-STABLE armv6 >>>>> with the following error: >>>> [...] >>>>> In file included from gcm-arm32-neon.c:16: >>>>> /nxb-bin/usr/lib/clang/8.0.1/include/arm_neon.h:28:2: error: "NEON >>>>> support not enabled" >>>>> #error "NEON support not enabled" >>>>> ^ >>>>> 1 error generated. >>>> >>>> Needs to be reported upstream. Only Tier1 architectures are critical >>>> enough to delay or block updates. >>>> >>> >>> Jan, the upgrade isn't marked security, why the rush? >> >>Agree but only after checking upstream commits. Mozilla often delays >>advisories for bundled libraries under the veil of "responsible >>disclosure" >>to align with Firefox releases. >> >>Note, Firefox 73 which should have RC1 on 2020-02-04 (1 week from now) >>will require NSS 3.49.2. > > Same story, I build each upstream release on head/ half a dozen times > because we package RCs without marking them so. Why the rush? I've explained in https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=214070 Downstream builds are frequently looked down for being out-of-date, having weird configuration and non-upstreamed patches.