chromium-browser fails to depend on a compatible version of libnss3

Bug #1251454 reported by Anthony Godshall
14
This bug affects 3 people
Affects Status Importance Assigned to Milestone
chromium-browser (Ubuntu)
Fix Released
Undecided
Unassigned

Bug Description

$ chromium-browser
[2814:2839:1114/141949:FATAL:nss_util.cc(396)] NSS_VersionCheck("3.14.3") failed. NSS >= 3.14.3 is required. Please upgrade to the latest NSS, and if you still get this error, contact your distribution maintainer.
$

this fixes it:

# apt-get install libnss3

So obviously the chromium-browser package should have a Depends: so that apt-get / aptitude will get the right library at install-time rather than failing at runtime

ProblemType: Bug
DistroRelease: Ubuntu 12.04
Package: chromium-browser 30.0.1599.114-0ubuntu0.12.04.3
ProcVersionSignature: Ubuntu 3.2.0-38.40-lowlatency-pae 3.2.37
Uname: Linux 3.2.0-38-lowlatency-pae i686
ApportVersion: 2.0.1-0ubuntu8
Architecture: i386
Date: Thu Nov 14 14:23:08 2013
Desktop-Session:
 DESKTOP_SESSION = None
 XDG_CONFIG_DIRS = None
 XDG_DATA_DIRS = None
Env:
 MOZ_PLUGIN_PATH = None
 LD_LIBRARY_PATH = None
InstallationMedia: Ubuntu-Server 12.04 LTS "Precise Pangolin" - Release i386 (20120424.1)
ProcEnviron:
 LANGUAGE=en_US:en
 TERM=xterm
 PATH=(custom, no user)
 LANG=en_US.UTF-8
 SHELL=/bin/bash
SourcePackage: chromium-browser
UpgradeStatus: No upgrade log present (probably fresh install)
chromium-default: CHROMIUM_FLAGS=""

Revision history for this message
Anthony Godshall (agodshall) wrote :
Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in chromium-browser (Ubuntu):
status: New → Confirmed
Chad Miller (cmiller)
Changed in chromium-browser (Ubuntu):
status: Confirmed → Fix Committed
Revision history for this message
Launchpad Janitor (janitor) wrote :
Download full text (4.2 KiB)

This bug was fixed in the package chromium-browser - 31.0.1650.63-0ubuntu0.13.10.1~20131204.1

---------------
chromium-browser (31.0.1650.63-0ubuntu0.13.10.1~20131204.1) saucy-security; urgency=low

  * Release to stage at ppa:canonical-chromium-builds/stage

chromium-browser (31.0.1650.63-0ubuntu0.13.10.1) saucy-security; urgency=low

  * New release 31.0.1650.63:
    - CVE-2013-6634: Session fixation in sync related to 302 redirects.
    - CVE-2013-6635: Use-after-free in editing.
    - CVE-2013-6636: Address bar spoofing related to modal dialogs.
    - CVE-2013-6637: Various fixes from internal audits, fuzzing and other
      initiatives.
    - CVE-2013-6638: Buffer overflow in v8. This issue was fixed in v8 version
      3.22.24.7.
    - CVE-2013-6639: Out of bounds write in v8. This issue was fixed in v8
      version 3.22.24.7.
    - CVE-2013-6640: Out of bounds read in v8. This issue was fixed in v8
      version 3.22.24.7.

chromium-browser (31.0.1650.57-0ubuntu0.13.10.3) saucy-security; urgency=low

  * debian/control: Drop libnss version number in Depends. We only need to
    recompile. (LP: #1251454)

chromium-browser (31.0.1650.57-0ubuntu0.13.10.2) saucy-security; urgency=low

  * debian/apport/chromium-browser.py: Include dmesg events mentioning chromium
    in apport reports.
  * debian/control: Abandon nss transitional package as Dependency, and add
    real package with epoch version number.

chromium-browser (31.0.1650.57-0ubuntu0.13.10.1) saucy-security; urgency=low

  * New release 31.0.1650.57:
    - CVE-2013-6632: Multiple memory corruption issues.
  * New release 31.0.1650.48: (LP: #1250579)
    - CVE-2013-6621: Use after free related to speech input elements.
    - CVE-2013-6622: Use after free related to media elements.
    - CVE-2013-6623: Out of bounds read in SVG.
    - CVE-2013-6624: Use after free related to "id" attribute strings.
    - CVE-2013-6625: Use after free in DOM ranges.
    - CVE-2013-6626: Address bar spoofing related to interstitial warnings.
    - CVE-2013-6627: Out of bounds read in HTTP parsing.
    - CVE-2013-6628: Issue with certificates not being checked during TLS
      renegotiation.
    - CVE-2013-2931: Various fixes from internal audits, fuzzing and other
      initiatives.
    - CVE-2013-6629: Read of uninitialized memory in libjpeg and libjpeg-turbo.
    - CVE-2013-6630: Read of uninitialized memory in libjpeg-turbo.
    - CVE-2013-6631: Use after free in libjingle.
  * debian/chromium-chromedriver.install: Drop unsupported, broken old
    chromedriver v1 and add chromedriver2.
  * Update webapps patches.
  * Disable chromedriver testing until the new server-test client dependencies
    are figured out.
  * Drop base_unittests and automated_ui_tests build and automatic test and
    from installation exclusion.
  * Include wildcat package 'pepflashplugin-nonfree' in apport reportting.

chromium-browser (30.0.1599.114-0ubuntu0.13.10.3) saucy-security; urgency=low

  * debian/patches/menu-bar-visible.patch: Don't treat object as object
    reference.
  * debian/patches/4-chromeless-window-launch-option.patch: Don't fix problem
    introduced in menu-bar-visible patch.
  * debian/rules: Fix...

Read more...

Changed in chromium-browser (Ubuntu):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.