Comment 12 for bug 276437

Thanks for the work on the Hardy update.

As discussed on IRC. The debdiff for hardy is nearly 632,000 lines long. The vast majority of this is from nss-fips, which is apparently new. From what I can tell, this code is now being used based on changes in 80_security_build.patch. Apparently this is to fix upstream https://bugzilla.mozilla.org/show_bug.cgi?id=419030. Are the > 600,000 lines of newly compiled code really needed for this update? What testing has been done to show there are no regressions, especially in regards to the NSS related functionality?