[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Using the same nss in all suites


Backporting fixes for nss can become a challenge over time due to:

* Bugs related to MFAs (often containing test cases) being restricted so
  one can only look at hg and try to find all the relevant commits.

* The library has rather frequent security updates

* The code diverges over the years

I haven't found an explicit statement about ABI stability on the nss
site but RedHat and others seem to be doing fine with always using the
latest version in all suites and I wonder if we should do the same. This
would probably include updating the nspr dependency from time to time

I wonder what's the maintainers and security teams stance on this?
Should we do this? Should we start with this during Jessie? If so I
would be happy to prepare packages for the different distributions and
do some testing.

 -- Guido

Reply to: