Bug#1001219: libnss3: recent update prevents ssl connections in chromium 73
Package: libnss3
Version: 2:3.26.2-1.1+deb9u3
Severity: normal
Dear Maintainer,
*** Reporter, please consider answering these questions, where appropriate ***
* What led up to the situation?
automatic security update to libnss3 (2:3.26.2-1.1+deb9u3) Thu, 02 Dec 2021 17:05:48 +0530Thu, 02 Dec 2021 17:05:48 +0530
prevents chromium 73.0.3683.75 from most if not all ssl connections
* What exactly did you do (or not do) that was effective (or
ineffective)?
chromium in headless mode not loading css from external resources and throws errors, see below
* What was the outcome of this action?
external css/js files loaded from cloudflare cdn do not load at all
[1206/150811.360650:ERROR:cert_verify_proc_nss.cc(974)] CERT_PKIXVerifyCert for cdnjs.cloudflare.com failed err=-8182
[1206/150811.362285:ERROR:ssl_client_socket_impl.cc(962)] handshake failed; returned -1, SSL error code 1, net_error -207
* What outcome did you expect instead?
ssl connections to cdn to work in order to load css/js resources
*** End of the template - remove these template lines ***
-- System Information:
Debian Release: 9.13
APT prefers oldoldstable
APT policy: (500, 'oldoldstable')
Architecture: amd64 (x86_64)
Kernel: Linux 4.18.0-0.bpo.1-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages libnss3 depends on:
ii libc6 2.24-11+deb9u4
ii libnspr4 2:4.12-6
ii libsqlite3-0 3.16.2-5+deb9u3
ii zlib1g 1:1.2.8.dfsg-5
libnss3 recommends no packages.
libnss3 suggests no packages.
-- no debconf information
Reply to: