Bug 230070 - Broke NSS ABI - seamonkey security errata
Broke NSS ABI - seamonkey security errata
Status: CLOSED DUPLICATE of bug 229987
Product: Red Hat Enterprise Linux 4
Classification: Red Hat
Component: seamonkey (Show other bugs)
4.4
All Linux
medium Severity urgent
: ---
: ---
Assigned To: Gecko Maintainer
Ben Levenson
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2007-02-26 09:24 EST by daryl herzmann
Modified: 2007-11-16 20:14 EST (History)
5 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2007-03-09 10:27:20 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description daryl herzmann 2007-02-26 09:24:55 EST
Some recent update has hosed Gaim.  It will now crash on connect to Jabber TLS
servers.  Been able to reproduce here on fully updated EL4 machines.

Perhaps the seamonkey or firefox updates messed up TLS for Gaim?
Comment 1 Warren Togami 2007-02-26 10:10:40 EST
Could you please figure out which update exactly caused this failure?

Please also install relevant debuginfo and attach gdb tracebacks of the crash here.
Comment 2 daryl herzmann 2007-02-26 10:21:24 EST
Okay.

Starting with a fresh EL4.4 box.  gaim-1.5.0-12.el4 works fine.

Update seamonkey, gaim crashes on connect.

I'm efforting gdb trace now. Will take me a bit to get setup.

daryl
Comment 3 daryl herzmann 2007-02-26 10:40:17 EST
I installed gaim-debuginfo and ran gaim like so:

gdb gaim

(gdb) bt full
#0  0x009b85b5 in PR_Write () from /usr/lib/libnspr4.so
No symbol table info available.
#1  0x0077a169 in ssl_nss_write (gsc=0x8af0e48, data=0x8007375, len=134247285)
    at ssl-nss.c:262
        nss_data = (GaimSslNssData *) 0x8aead28
#2  0x00d7af7a in gaim_ssl_write (gsc=0x8af0e48, data=0x8b18cc8, len=67)
    at sslconn.c:223
        __PRETTY_FUNCTION__ = "gaim_ssl_write"
#3  0x0065de1b in jabber_send_raw (js=0x8ae1df0,
    data=0x8b18cc8 "<presence type='unavailable'><status>Logged
out</status></presence>", len=67) at jabber.c:205
        ret = Variable "ret" is not available.

hopefully that is useful
Comment 4 Jack Neely 2007-02-26 10:46:09 EST
Yes...the security updates to libnspr seem to have altered teh ABI.  Oh...fun stuff.
Comment 5 Philip Durbin 2007-02-26 12:00:44 EST
Rolling back to the previous versions of seamonkey-nss and seamonkey-nspr (with
all those dire advisories) allowed me to use Jabber with Gaim again:

rpm -Uvh --oldpackage seamonkey-nss-1.0.7-0.1.el4.i386.rpm
seamonkey-nspr-1.0.7-0.1.el4.i386.rpm

Phil
Comment 6 daryl herzmann 2007-02-26 16:08:00 EST
Hi,

Sorry for the noise, but Bug 229987 seems to indicate an errata is coming soon.
 Will this issue be resolved as well?

daryl
Comment 7 Martin Stransky 2007-02-26 16:11:35 EST
It should be.
Comment 8 daryl herzmann 2007-02-26 17:23:21 EST
Just applied seamonkey errata.  Looks good :)
Comment 9 Jack Neely 2007-02-26 17:44:54 EST
I've tested and confirmed that this particular issue is solved.  However, in our
rush to fix things no one noticed that RHEL 3 suffers the same bugs.  I've created 

   https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=230158

which is a clone of Bug #229987 for RHEL 3.
Comment 10 Matěj Cepl 2007-02-27 17:36:23 EST
But this bug should be resolved, right?
Comment 11 Philip Durbin 2007-02-28 09:53:55 EST
It's probably safe to resolve this bug.  Gaim and Evolution have both worked
fine on my Red Hat Desktop since I installed seamonkey-nss-1.0.8-0.2.el4 and
seamonkey-nspr-1.0.8-0.2.el4 per http://rhn.redhat.com/errata/RHSA-2007-0077.html

Phil
Comment 12 Jack Neely 2007-02-28 11:11:40 EST
Against RHEL 4 this bug has been resolved.

However, this still exists for RHEL 3:  See Bug #230158
Comment 14 daryl herzmann 2007-03-08 17:32:26 EST
Why has't EL3 been fixed yet?  I just verified that Gaim doesn't work on EL3 as
I reported in this bug for EL4.
Comment 15 Matěj Cepl 2007-03-09 10:27:20 EST

*** This bug has been marked as a duplicate of 229987 ***

Note You need to log in before you can comment on or make changes to this bug.