[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Regression problem, call for advice Re: Call for advice and testing of nss (and nspr) and intention to upload correction

Hi Jiri

As I understand it is not supported at all. It does not mean that it will break automatically (as in the ruby-rails-2.3 example you gave) but we can not maintain it in a good way. One of the main reason for it not being supported is that the later versions do not even build on wheezy and hence it is hard to maintain. There could be many reasons for a software to no longer work. Environment changes is one example (as this nss update), but there are other cases too, like that the service the software uses has upgraded API or similar.

I'll make a new try to find out what the reason for this problem really is, mainly in order to understand whether this can impact some other application or not. But I will not spend too much time on it unless more people from the LTS team think this (chrome not usable) is a serious problem that must be fixed.

As I understand it, this is the situation:
- After the NSS upgrade chromium no longer work.
- Before the NSS upgrade chromium do work fine.
- Chromium has no Debian LTS support.
- Latest version of chrome can not install on wheezy (requires libstdc++6 (>= 4.8.0))

My suggestion is to upgrade to current Debian stable release, but there may of course be things that prevent you from doing that.
An alternative is that you downgrade your libnss3 package and "hold" it so it is not upgraded next time.

Best regards

// Ola

On 2 November 2016 at 20:41, Jiří Jánský <janskyj@gmail.com> wrote:
Hello all,
there is still one thing, that is unclear for me. Chromium is security unsupported package. But does it also mean, that it is unsupported at all (can be non-function after install by apt-get install chromium)?

I am aware, that wheezy chromium package is quite outdated for today web. But isn't this decision precedence for another similar packages? Security support for ruby-rails-2.3 was also ceased. Let's say, that I have application that is tested against that. I can still easily install it and run it under that, even if there are some described and non-fixed security vulnerabilities. And that wouldn't be true if some library, that it depand on would be upgraded to non-compatible version. I see it as a problem, that wasn't here in pre-lts verions. If I'll install woody, all packaged would be outdated, but fully function. That will not be true with  wheezy anymore (at least until libnss3 downgrade).

Is there some debian policy regarding it?

Jiri Jansky

P.S.: Current chrome-stable has unment dependencies in wheezy

2016-11-02 0:18 GMT+01:00 Ben Hutchings <ben@decadent.org.uk>:
On Tue, 2016-11-01 at 23:37 +0100, Ola Lundqvist wrote:
> Hi Ben, Balint and others
> I'd like to have some advice on this regression.
> 1) Is this worth investigating?
>  - Chrome is not supported, however we have now made it to crash. Ben
> obviously like that but maybe others do not have the same opinion.

I like that the outdated Debian package of chromium for wheezy is now
unusable.  If the current upstream version of Chromium (or Chrome) is
also broken then that *is* a problem - but I didn't think it could
still run on wheezy, or that it would use nss as a system library.

> 2) Is this severe enough for me to revert the nss 3.26 upload?

If *only* the outdated Debian package of chromium is affected, then
obviously I don't think it is.


Ben Hutchings
Horngren's Observation:
                   Among economists, the real world is often a special

 --- Inguza Technology AB --- MSc in Information Technology ----
/  ola@inguza.com                    Folkebogatan 26            \
|  opal@debian.org                   654 68 KARLSTAD            |
|  http://inguza.com/                Mobile: +46 (0)70-332 1551 |
\  gpg/f.p.: 7090 A92B 18FE 7994 0C36 4FE4 18A1 B1CF 0FE5 3DD9  /

Reply to: