Ken Moffat wrote:
On Sat, Jan 07, 2017 at 03:52:19AM +0000, Ken Moffat wrote:
On Thu, Jan 05, 2017 at 08:55:42AM -0600, DJ Lucas wrote:
Also, make sure you run make-ca.sh after (re)installing NSS.
On January 5, 2017 7:53:50 AM CST, Tim Tassonis <[email protected]> wrote:
Hi all
After upgrading nss to version 3.28 (the version in blfs svn), I
noticed
that firefox will reject a lot of web pages due to insufficient
security. The most prominent example is youtube.com
Maybe this could be stated on the nss page, or perhaps a revert to
3.27.2 should be done. It's what I have done.
Kind regards
Tim
Same with 3.28.1 and also applies to www.google.co.uk. And of
course I can't google it to see how common the problem is.
Reverted to 3.27.2 after writing that, reran make-ca.sh, killed
firefox, used the recover option. Both are still broken. Same for
duckduckgo.com. closed it and killed all the open tabs - no change.
I found this:
https://bugzilla.mozilla.org/show_bug.cgi?id=1320509
but the patch is in my version of nss-3.28.
And I found this:
http://cvsweb.netbsd.org/bsdweb.cgi/pkgsrc/doc/TODO?rev=HEAD&content-type=text/x-cvsweb-markup
The comment is:
nss-3.28 [This breaks firefox for ECDSA tls connection]
----
nss-3.26 also breaks seamonky: can't bring up youtube. But rebuilding
nss-3.27.2 lets if connect to youtube correctly. I made no other changes
except the nss install commands.
A diff of the nss 3.27.2 and 3.28 tarballs gave me a 12 MB (328000+ lines)
file. It's too late for me to look at that tonight.
I suspect we need to wait for upstream to fix this.
-- Bruce
--
http://lists.linuxfromscratch.org/listinfo/blfs-dev
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page
