Re: heads up: nss 3.59 breaks firefox add-ons

Sun, 27 Dec 2020 19:02:02 -0800
Ok, I am the n00b here but I have experienced some nss related problems since upgrading to Fedora 33. I found that the systemd-resolved service interferes with or corrupts previously normal nss functions, most related. to the resolver. 


For example, when some hosts used systemd-resolved and others used nss, 
dig and nslookup don't resolve properly. Sometmes ping does work. 
Sometimes extrernal
lookups work and internals don't and sometimes the other way round. But 
the exact symptom can depend on which type of host you are working with.



I stopped and disabled systemd-resolved and all of those problems 
disappeared. Firefox now works fine for me as do all my network services.


http://www.linux-databook.info/?page_id=5951

Thanks


--


*********************************************************
David P. Both, RHCE
He/Him/His
*********************************************************
www.both.org - My personal web site
www.Linux-Databook.info - Home of the DataBook for Linux
DataBook is a Registered Trademark of David Both
*********************************************************
The value of any software lies in its usefulness
not in its price.

— Linus Torvalds
*********************************************************

On Sat, 19 Dec 2020, Kevin Fenzi wrote:


Date: Sat, 19 Dec 2020 12:32:28 -0800
From: Kevin Fenzi <ke...@scrye.com>
Reply-To: Development discussions related to Fedora
    <devel@lists.fedoraproject.org>
To: Development discussions related to Fedora <devel@lists.fedoraproject.org>
Subject: Re: heads up: nss 3.59 breaks firefox add-ons

On Sat, Dec 19, 2020 at 05:33:57PM +0100, Marius Schwarz wrote:

Am 18.12.20 um 15:33 schrieb James Szinger:

I see nss.x86_64 3.59.0-3.fc33 in today’s updates. Is this fixed or
are there going to be a lot of unhappy Firefox users?  The bug is
still open.



Can someone pls lush this into rawhide? There is only -2 WITH the SHA-1
blockade.


firefox-84.0-6 in rawhide (the latest package available) has enabled
it's bundled nss that doesn't do that check. ;(
https://koji.fedoraproject.org/koji/buildinfo?buildID=1659741
So, upgrading to that should work around the problem.

Of course it causes other problems, like firefox exposing all the nss
provides.

The best workaround for now would be firefox adding some code to exempt
itself from the sha1 check for now and resume building against the
system nss and the system nss re-enabling the sha1 check.

The real solution is of course mozilla updaing add-ons to not use sha1.
;)

kevin


_______________________________________________
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org























					Reply via email to