Hi Mark, Mark H Weaver <m...@netris.org> writes:
> Hi Maxim, > > Maxim Cournoyer <maxim.courno...@gmail.com> writes: >> I've updated nss-next to 3.88.1 on master, which is supposed to fix this >> CVE, [...] > > Great, thanks! > > Could you please make sure that 'nspr-next' is up-to-date as well? > It would be good to avoid inadvertently downgrading the NSPR used by > IceCat. I don't know off-hand what fixes might be undone as a result. I had already verified, and if I'm correct, it's already at the latest version available (4.35) [0]. [0] https://ftp.mozilla.org/pub/nspr/releases/ -- Thanks, Maxim