Hi, Backporting fixes for nss can become a challenge over time due to:
* Bugs related to MFAs (often containing test cases) being restricted so one can only look at hg and try to find all the relevant commits. * The library has rather frequent security updates * The code diverges over the years I haven't found an explicit statement about ABI stability on the nss site but RedHat and others seem to be doing fine with always using the latest version in all suites and I wonder if we should do the same. This would probably include updating the nspr dependency from time to time too. I wonder what's the maintainers and security teams stance on this? Should we do this? Should we start with this during Jessie? If so I would be happy to prepare packages for the different distributions and do some testing. Cheers, -- Guido
