Ubuntu
thunderbird package

Thunderbird cannot initialize the security component when libnss3-0d 3.12.6 is installed

Bug #559918 reported by Bruce MacDonald on 2010-04-10

This bug affects 14 people

	Status	Importance	Assigned to
nss (Ubuntu)	Invalid	High	Chris Coulson
Jaunty	Invalid	Undecided	Unassigned
Karmic	Invalid	High	Chris Coulson
Lucid	Invalid	High	Chris Coulson
thunderbird (Ubuntu)	Invalid	Undecided	Unassigned
Jaunty	Fix Released	High	Chris Coulson
Karmic	Fix Released	High	Unassigned
Lucid	Invalid	Undecided	Unassigned

Bug Description

Binary package hint: thunderbird

This problem remains despite trying: disk space is ok, permissions in profile directory are ok, creating a new profile, reinstalling thunderbird. Only notable thing immediately before this problem was the firefox update today (firefox, libnss3-1d, libnss3-0d, xulrunner).

Have used thunderbird for a long time, so this sudden change is unexpected.

ProblemType: Bug
Architecture: amd64
Date: Sat Apr 10 21:34:25 2010
DistroRelease: Ubuntu 9.10
NonfreeKernelModules: wl nvidia
Package: mozilla-thunderbird (not installed)
ProcEnviron:
PATH=(custom, user)
LANG=en_NZ.UTF-8
SHELL=/bin/bash
ProcVersionSignature: Ubuntu 2.6.31-20.58-generic
SourcePackage: thunderbird
Uname: Linux 2.6.31-20-generic x86_64

Tags:

Related branches

lp://staging/~mozillateam/thunderbird/thunderbird.karmic

lp://staging/ubuntu/karmic-security/thunderbird

lp://staging/~mozillateam/thunderbird/thunderbird.jaunty

lp://staging/ubuntu/jaunty-security/thunderbird

Revision history for this message

Bruce MacDonald (b-macdonald-auckland) wrote on 2010-04-10:

XsessionErrors.txt Edit (1.5 KiB, text/plain; charset="utf-8")

Revision history for this message

Karsten Müller (karmue) wrote on 2010-04-10:

Uninstall libnss3-0d and libnss3-dev.

Worked for me.

Revision history for this message

Greg Cempla (grzegorz-cempla) wrote on 2010-04-10:

Just uninstalled libnss3-0d. I had no libnss3-dev on my system. However I had libnss3-1d - this one was left on the system.
After deinstallation of libnss3-0d the problem disapeared.

Revision history for this message

Jamie Strandboge (jdstrand) wrote on 2010-04-10:

From bug #559881 comment #14.

"At your suggestion, I just used Synaptic to remove libnss3-0d (libcamel1.2-10 will be removed, libnss3-0d will be removed).
This eliminated all my bug symptoms.

So far as I know, I do not use FIPS. I did not ever and I do not have libnss3-dev installed.

These were my bug symptoms, "alert" messages that were displayed after I invoked Thunderbird and before Thunderbird displayed anything:

Alert
Could not initialize the browser's security component. The most likely cause is problems with files in your browser's profile directory. Please check that this directory has no read/write restrictions and your hard disk is not full or close to full. It is recommended hat you exit the browser and fix the problem. If you continue to use this browser session, you might see incorrect browser behavior when accessing security features.

Alert
Thunderbird can't connect securely to pop.gmail.com because the SSL protocol has been disabled."

Changed in thunderbird (Ubuntu):
status:	New → Invalid
Changed in nss (Ubuntu):
status:	New → Confirmed
summary:	- startup error: could not initialize the browser's security component - (and then ssl will not work) + Thunderbird cannot initialize the security component when libnss3-0d + 3.12.6 is installed
Changed in nss (Ubuntu Karmic):
status:	New → Confirmed
Changed in thunderbird (Ubuntu Karmic):
status:	New → Invalid
Changed in nss (Ubuntu Lucid):
importance:	Undecided → High
assignee:	nobody → Chris Coulson (chrisccoulson)
Changed in nss (Ubuntu Karmic):
importance:	Undecided → High
assignee:	nobody → Chris Coulson (chrisccoulson)

Jamie Strandboge (jdstrand) on 2010-04-10

Changed in nss (Ubuntu Karmic):
importance:	High → Critical
Changed in nss (Ubuntu Lucid):
importance:	High → Critical

Revision history for this message

Bruce MacDonald (b-macdonald-auckland) wrote on 2010-04-10:

Removing libnss3-0d works for me too.

Revision history for this message

Jamie Strandboge (jdstrand) wrote on 2010-04-10:

It appears that hardy is the last release that had any rdepends on libnss3-0d. Therefore, people who had hardy installed and upgraded through to karmic could be affected (but even then, it seems they may have needed sunbird installed). I see a libcamel1.2-10 reference-- that very well could be gutsy or earlier.

Changed in nss (Ubuntu Karmic):
importance:	Critical → High
Changed in nss (Ubuntu Lucid):
importance:	Critical → High

Revision history for this message

Meadow (meadow-sunrise) wrote on 2010-04-10:

Like the others, the removal of libnss3-0d solved the issue

Revision history for this message

Jamie Strandboge (jdstrand) wrote on 2010-04-10:

Yes, libcamel1.2-10 is from Ubuntu 7.10 (Gutsy), so all user's upgrading from Gutsy could be affected, since libcamel1.2-10 is in the default install and it depends on libnss3-0d.

Revision history for this message

edam (edam) wrote on 2010-04-11:

Same here - removal of libnss3-0d fixed it.

Revision history for this message

paercebal (paercebal) wrote on 2010-04-11:

#10

Same for me. I searched "libnss3-0d" in Synaptic, asked for rermoval, and Thunderbird's buggy behaviour disappear.

Revision history for this message

Jamie Strandboge (jdstrand) wrote on 2010-04-11:

#11

Actually, this is probably a thunderbird problem after all. From IRC:

17:39 < ChrisCoulson> jdstrand - yeah, i confirmed now that installing libnss3-0d breaks thunderbird
17:39 < ChrisCoulson> thunderbird has a load of dangling symlinks to the .0d files in libnss3-0d
17:40 < ChrisCoulson> and when you install it, it messes up nss so that it fails to find libsoftokn.so

Will update the bug accordingly once it is decided how to proceed.

Revision history for this message

Dave Fear (dfear) wrote on 2010-04-11:

#12

Same for me. I searched "libnss3-0d" in Synaptic, asked for rermoval, and Thunderbird's buggy behaviour disappear.

Jamie Strandboge (jdstrand) on 2010-04-11

Changed in nss (Ubuntu Lucid):
status:	Confirmed → Invalid
Changed in nss (Ubuntu Karmic):
status:	Confirmed → Invalid
Changed in thunderbird (Ubuntu Karmic):
status:	Invalid → In Progress
importance:	Undecided → High

Jamie Strandboge (jdstrand) on 2010-04-11

Changed in thunderbird (Ubuntu Karmic):
status:	In Progress → Fix Committed

Revision history for this message

Jamie Strandboge (jdstrand) wrote on 2010-04-11:

#13

Verified 2.0.0.24+build1+nobinonly-0ubuntu0.9.10.2 in https://launchpad.net/~ubuntu-mozilla-security/+archive/ppa/+packages fixes the issue. Using 2.0.0.24+build1+nobinonly-0ubuntu0.9.10.1 and libnss3-0d 3.12.6-0ubuntu0.9.10.2 gives the error message and I cannot connect using SSL. Upgrade to thunderbird 2.0.0.24+build1+nobinonly-0ubuntu0.9.10.2 and it works again.

$ dpkg -l|egrep '(libnss3|thunderbird)' | awk '{print $2, $3}'
libnss3-0d 3.12.6-0ubuntu0.9.10.2
libnss3-1d 3.12.6-0ubuntu0.9.10.2
thunderbird 2.0.0.24+build1+nobinonly-0ubuntu0.9.10.2

Once all the architectures are finished building, I will publish to security.

Revision history for this message

Launchpad Janitor (janitor) wrote on 2010-04-11:

#14

This bug was fixed in the package thunderbird - 2.0.0.24+build1+nobinonly-0ubuntu0.9.10.2

---------------
thunderbird (2.0.0.24+build1+nobinonly-0ubuntu0.9.10.2) karmic-security; urgency=low

   * fix LP: #559918 - Thunderbird cannot initialize the security component when
     libnss3-0d > 3.12.6 is installed; we drop the dangling .so.0d links that
     became obsolete when we moved to non-versioned SONAMES for nss3 and nspr4
     - update debian/thunderbird.links
-- Alexander Sack <email address hidden> Sun, 11 Apr 2010 16:32:48 +0200

Changed in thunderbird (Ubuntu Karmic):
status:	Fix Committed → Fix Released

Revision history for this message

Andrew Smith (andrew-smith) wrote on 2010-04-12:

#15

Can confirm that the latest updates from security have fixed the problem without any other action being taken. Thanks for the swift action!

Revision history for this message

Andreas Stricker (andy-knitter) wrote on 2010-04-17:

#16

I can also confirm it solved the problem since installing thunderbird 2.0.0.24+build1+nobinonly-0ubuntu0.9.10.2.

Thanks for fixing this.

Revision history for this message

Jamie Strandboge (jdstrand) wrote on 2010-06-23:

#17

This affects Jaunty with nss from the ubuntu-mozilla-security PPA. Steps to reproduce on Jaunty:
1. setup a POP3 account
2. enable master password in thunderbird
3. enable FIPS in thunderbird
4. close thunderbird
5. apt-get install libnss3-0d
6. start thunderbird

Changed in nss (Ubuntu Jaunty):
status:	New → Invalid
Changed in thunderbird (Ubuntu Jaunty):
assignee:	nobody → Chris Coulson (chrisccoulson)
importance:	Undecided → High
status:	New → Triaged

Chris Coulson (chrisccoulson) on 2010-06-23

Changed in thunderbird (Ubuntu Jaunty):
status:	Triaged → Fix Committed

Revision history for this message

Jamie Strandboge (jdstrand) wrote on 2010-06-23:

#18

The updated package in the PPA (2.0.0.24+build1+nobinonly-0ubuntu0.9.04.2) fixes this issue.

Revision history for this message

Launchpad Janitor (janitor) wrote on 2010-07-22:

#19

This bug was fixed in the package thunderbird - 2.0.0.24+build1+nobinonly-0ubuntu0.9.04.2

---------------
thunderbird (2.0.0.24+build1+nobinonly-0ubuntu0.9.04.2) jaunty-security; urgency=low

  * fix LP: #559918 - Thunderbird cannot initialize the security component when
    libnss3-0d > 3.12.6 is installed; we drop the dangling .so.0d links that
    became obsolete when we moved to non-versioned SONAMES for nss3 and nspr4
    - update debian/thunderbird.links
-- Chris Coulson <email address hidden> Wed, 23 Jun 2010 14:36:59 +0100