View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0009050 | CentOS-6 | nss | public | 2015-07-11 02:11 | 2015-07-27 16:41 |
Reporter | skupsy | ||||
Priority | normal | Severity | major | Reproducibility | always |
Status | resolved | Resolution | no change required | ||
Product Version | 6.6 | ||||
Target Version | Fixed in Version | ||||
Summary | 0009050: Recent upgrade of NSS disrupts Thunderbird functionality | ||||
Description | After NSS (and util/tools) update to nss 3.19 (package nss.x86_64 0:3.19.1-3.el6_6) Thunderbird became unable to connect to an SMTP server using STARTTLS. Reverting to nss 3.18 (package nss.x86_64 0:3.18.0-5.3.el6_6) solved the problem. I suspect some kind of interaction w openssl; several applications exibit strange behaviors (strongswan, sshd, apache, ecc.) and fail secure connections Back to Thunderbird issue, on server side (sendmail) I get the message: STARTTLS=server: 17951:error:14094417:SSL routines:ssl3_read_bytes:sslv3 alert illegal parameter:s3_pkt.c:1472:SSL alert number 47 (and obviously the server config is ok and works fine with older nss on the client) | ||||
Steps To Reproduce | yum update nss nss-util nss-tools nss-sysinit (now Thunderbird cannot send messages using SMTP STARTTLS) to revert: yum downgrade nss nss-util nss-tools nss-sysinit (now all is ok again) | ||||
Tags | No tags attached. | ||||
> several applications exibit strange behaviors (strongswan, sshd, apache, ecc.) and fail secure connections my mistake, these issues are not related to the nss problem, the rest stands. This morning I successfully replicated the problem on a plain-vanilla CentOS6.6 installation; nss downgrade solves the issue. |
|
the recent upgrade of Thunderbird to 31.8.0-1 doesn't solve the issue | |
It came out it wasn't a bug: the new NSS library blocks connections to servers w insecure or weak ciphers (in my case DH). Switching to a more updated mail server solves the issue. |
|
Date Modified | Username | Field | Change |
---|---|---|---|
2015-07-11 02:11 | skupsy | New Issue | |
2015-07-11 10:57 | skupsy | Note Added: 0023609 | |
2015-07-21 12:00 | skupsy | Note Added: 0023679 | |
2015-07-22 14:48 | skupsy | Note Added: 0023690 | |
2015-07-27 16:41 | JohnnyHughes | Status | new => resolved |
2015-07-27 16:41 | JohnnyHughes | Resolution | open => no change required |