Re: Regression problem, call for advice Re: Call for advice and testing of nss (and nspr) and intention to upload correction

2016-11-06 Thread Ola Lundqvist
Hi The old nss version will be available in wheezy. The new version is available in wheezy+security only. So it should be available already now without me doing any changes. This actually looks like a problem for jessie too. See this post here: http://forums.debian.net/viewtopic.php?f=6&t=129904&p

Re: Regression problem, call for advice Re: Call for advice and testing of nss (and nspr) and intention to upload correction

2016-11-04 Thread Markus Koschany
On 04.11.2016 15:38, J. R. Okajima wrote: [...] > I'd suggest a variation of 4, which is > - keep the latest NSS pkgs as is, which is equivalent to your option 1. > - for the oldstable users who suffer from this problem (like me), > provide the previous NSS pkgs so that they can downgrade as thei

Re: Regression problem, call for advice Re: Call for advice and testing of nss (and nspr) and intention to upload correction

2016-11-04 Thread J. R. Okajima
Hello all, Ola Lundqvist: > As I can see it there are the following options: > 1) Do nothing. Let it be like this. We have a regression problem but only > for software that fork and use nss in several threads. > 2) Try to reverse the library split. This is a non-trivial task. > 3) Try to fix the

Re: Regression problem, call for advice Re: Call for advice and testing of nss (and nspr) and intention to upload correction

2016-11-04 Thread Ola Lundqvist
Hi Mike and Guido Thanks for fast feedback on this. It could very well be sandboxing. I have tried to find possible fixes for chromium but they are not easy to find. If anyone finds a solution to this I'm eager to know. When I look at the later chromium source code I can see that the offending

Re: Regression problem, call for advice Re: Call for advice and testing of nss (and nspr) and intention to upload correction

2016-11-04 Thread Mike Hommey
On Fri, Nov 04, 2016 at 01:17:36PM +0100, Ola Lundqvist wrote: > Hi all > > I have now analyzed the problem and the problem is that libfreebl3.so has > been split into a libfreebl3.so that is pre-loaded and a libfreeblpriv3.so > that is dynamically loaded by libfreebl3.so. This works well in many

Re: Regression problem, call for advice Re: Call for advice and testing of nss (and nspr) and intention to upload correction

2016-11-04 Thread Guido Günther
Hi Ola, On Fri, Nov 04, 2016 at 01:17:36PM +0100, Ola Lundqvist wrote: [..snip analysis..] > As I can see it there are the following options: > 1) Do nothing. Let it be like this. We have a regression problem but only > for software that fork and use nss in several threads. > 2) Try to reverse the

Re: Regression problem, call for advice Re: Call for advice and testing of nss (and nspr) and intention to upload correction

2016-11-04 Thread Ola Lundqvist
Hi all I have now analyzed the problem and the problem is that libfreebl3.so has been split into a libfreebl3.so that is pre-loaded and a libfreeblpriv3.so that is dynamically loaded by libfreebl3.so. This works well in many situations but apparently not in Google Chrome. I guess this is because

Re: Regression problem, call for advice Re: Call for advice and testing of nss (and nspr) and intention to upload correction

2016-11-02 Thread Ben Hutchings
On Wed, 2016-11-02 at 20:41 +0100, Jiří Jánský wrote: > Hello all, > there is still one thing, that is unclear for me. Chromium is security > unsupported package. But does it also mean, that it is unsupported at all > (can be non-function after install by apt-get install chromium)? [...] I don't t

Re: Regression problem, call for advice Re: Call for advice and testing of nss (and nspr) and intention to upload correction

2016-11-02 Thread Ola Lundqvist
Hi Jiri As I understand it is not supported at all. It does not mean that it will break automatically (as in the ruby-rails-2.3 example you gave) but we can not maintain it in a good way. One of the main reasons for it not being supported is that the later versions do not even build on wheezy and h

Re: Regression problem, call for advice Re: Call for advice and testing of nss (and nspr) and intention to upload correction

2016-11-02 Thread Jiří Jánský
Hello all, there is still one thing, that is unclear for me. Chromium is security unsupported package. But does it also mean, that it is unsupported at all (can be non-function after install by apt-get install chromium)? I am aware, that wheezy chromium package is quite outdated for today's web. But

Re: Regression problem, call for advice Re: Call for advice and testing of nss (and nspr) and intention to upload correction

2016-11-02 Thread Ola Lundqvist
Hi Holger and Ben Thanks for the feedback. I'll check whether upstream chrome or chromium can be installed and is usable on wheezy. If chrome or chromium is uninstallable on wheezy, then is this an issue? I would see it as that, but maybe outside LTS scope. // Ola On 2 November 2016 at 00:50, H

Re: Regression problem, call for advice Re: Call for advice and testing of nss (and nspr) and intention to upload correction

2016-11-01 Thread Holger Levsen
On Tue, Nov 01, 2016 at 05:18:45PM -0600, Ben Hutchings wrote: > I like that the outdated Debian package of chromium for wheezy is now > unusable.  If the current upstream version of Chromium (or Chrome) is > also broken then that *is* a problem seconded. (and thanks for wording this so well, Ben.

Re: Regression problem, call for advice Re: Call for advice and testing of nss (and nspr) and intention to upload correction

2016-11-01 Thread Ben Hutchings
On Tue, 2016-11-01 at 23:37 +0100, Ola Lundqvist wrote: > Hi Ben, Balint and others > > I'd like to have some advice on this regression. > > 1) Is this worth investigating? >  - Chrome is not supported, however we have now made it crash. Ben > obviously likes that but maybe others do not have t

Re: Regression problem, call for advice Re: Call for advice and testing of nss (and nspr) and intention to upload correction

2016-11-01 Thread Mike Hommey
On Tue, Nov 01, 2016 at 11:37:29PM +0100, Ola Lundqvist wrote: > Hi Ben, Balint and others > > I'd like to have some advice on this regression. > > 1) Is this worth investigating? > - Chrome is not supported, however we have now made it crash. Ben > obviously likes that but maybe others do not

Regression problem, call for advice Re: Call for advice and testing of nss (and nspr) and intention to upload correction

2016-11-01 Thread Ola Lundqvist
Hi Ben, Balint and others I'd like to have some advice on this regression. 1) Is this worth investigating? - Chrome is not supported, however we have now made it crash. Ben obviously likes that but maybe others do not have the same opinion. 2) Is this severe enough for me to revert the nss 3.2

Re: Call for advice and testing of nss (and nspr) and intention to upload correction

2016-11-01 Thread Ben Hutchings
On Tue, 2016-11-01 at 17:53 +0100, Bálint Réczey wrote: > Hi, > > It seems the nss update broke chromium: > https://lists.debian.org/debian-user/2016/10/msg00981.html Good. > Maybe when we update gcc for firefox we can also continue supporting > chromium: > https://lists.debian.org/debian-securi

Re: Call for advice and testing of nss (and nspr) and intention to upload correction

2016-11-01 Thread Bálint Réczey
Hi, It seems the nss update broke chromium: https://lists.debian.org/debian-user/2016/10/msg00981.html Maybe when we update gcc for firefox we can also continue supporting chromium: https://lists.debian.org/debian-security-announce/2015/msg00031.html Cheers, Balint 2016-10-23 23:43 GMT+02:00 Ol

Re: Call for advice and testing of nss (and nspr) and intention to upload correction

2016-10-23 Thread Ola Lundqvist
Hi all I have now been able to run the tests and also the abi version checker. I think it looks good. I could not verify FIPS 140-1 tests due to some device error (I'm running in a chroot so I guess that is the problem) but everything else is working. The ABI reports are available here: nspr: h

Re: Call for advice and testing of nss (and nspr) and intention to upload correction

2016-10-21 Thread Guido Günther
On Fri, Oct 21, 2016 at 11:16:54PM +0200, Ola Lundqvist wrote: > Hi Guido > > Thanks a lot for the information. I'll enable this and will also run > abi-compliance check tool. > Is it this [1] one you have used? > > [1] https://lvc.github.io/abi-compliance-checker/ IIRC I've used the abi-complia

Re: Call for advice and testing of nss (and nspr) and intention to upload correction

2016-10-21 Thread Ola Lundqvist
Hi Guido Thanks a lot for the information. I'll enable this and will also run abi-compliance check tool. Is it this [1] one you have used? [1] https://lvc.github.io/abi-compliance-checker/ Best regards // Ola On 20 October 2016 at 23:48, Guido Günther wrote: > Hi Ola, > On Thu, Oct 20, 2016

Re: Call for advice and testing of nss (and nspr) and intention to upload correction

2016-10-20 Thread Guido Günther
Hi Ola, On Thu, Oct 20, 2016 at 11:15:29PM +0200, Ola Lundqvist wrote: > Hi LTS team, Mozilla maintainers, Mike and Florian > > I have been working on the security problem reported in nss (and nspr). > https://security-tracker.debian.org/tracker/TEMP-000-583651 > It is about unprotected enviro

Call for advice and testing of nss (and nspr) and intention to upload correction

2016-10-20 Thread Ola Lundqvist
Hi LTS team, Mozilla maintainers, Mike and Florian I have been working on the security problem reported in nss (and nspr). https://security-tracker.debian.org/tracker/TEMP-000-583651 It is about unprotected environment variables. I did a check on what Florian Weimer had done for jessie-securi