We have multiple reports of the latest Firefox not working with FIPS due to the above ongoing, so we would like to determine how to fix this as a priority.
We are trying to determine what the best approach to take is given the Mozilla team's direction to keep the default behavior of the nss library the same (checking the fips_enabled flag), and behaving differently if built with an env variable, and not go with Vineetha's submitted patch. To get FF to FIPS mode, I suspect on Bionic we will need this as well: Bug 1531267: "FIPS mode should be enabled automatically if the system is in FIPS mode" Fix in nss version: 3.43 (On Linux, even if /proc/sys/crypto/fips_enabled is 1, one needs to enable database's FIPS mode with modutil.) On Bionic the nss package version was 2:3.35, which does not have that fix (Eoan has 2:3.45). -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1843044 Title: firefox crashes on a FIPS enabled machine To manage notifications about this bug go to: https://bugs.launchpad.net/firefox/+bug/1843044/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
