Thunderbird cannot initialize the security component when libnss3-0d 3.12.6 is installed

Bug #559918 reported by Bruce MacDonald on 2010-04-10
68
This bug affects 14 people
Affects Status Importance Assigned to Milestone
nss (Ubuntu)
High
Chris Coulson
Jaunty
Undecided
Unassigned
Karmic
High
Chris Coulson
Lucid
High
Chris Coulson
thunderbird (Ubuntu)
Undecided
Unassigned
Jaunty
High
Chris Coulson
Karmic
High
Unassigned
Lucid
Undecided
Unassigned

Bug Description

Binary package hint: thunderbird

This problem remains despite trying: disk space is ok, permissions in profile directory are ok, creating a new profile, reinstalling thunderbird. Only notable thing immediately before this problem was the firefox update today (firefox, libnss3-1d, libnss3-0d, xulrunner).

Have used thunderbird for a long time, so this sudden change is unexpected.

ProblemType: Bug
Architecture: amd64
Date: Sat Apr 10 21:34:25 2010
DistroRelease: Ubuntu 9.10
NonfreeKernelModules: wl nvidia
Package: mozilla-thunderbird (not installed)
ProcEnviron:
 PATH=(custom, user)
 LANG=en_NZ.UTF-8
 SHELL=/bin/bash
ProcVersionSignature: Ubuntu 2.6.31-20.58-generic
SourcePackage: thunderbird
Uname: Linux 2.6.31-20-generic x86_64

Karsten Müller (karmue) wrote :

Uninstall libnss3-0d and libnss3-dev.

Worked for me.

Greg Cempla (grzegorz-cempla) wrote :

Just uninstalled libnss3-0d. I had no libnss3-dev on my system. However I had libnss3-1d - this one was left on the system.
After deinstallation of libnss3-0d the problem disapeared.

Jamie Strandboge (jdstrand) wrote :

From bug #559881 comment #14.

"At your suggestion, I just used Synaptic to remove libnss3-0d (libcamel1.2-10 will be removed, libnss3-0d will be removed).
This eliminated all my bug symptoms.

So far as I know, I do not use FIPS. I did not ever and I do not have libnss3-dev installed.

These were my bug symptoms, "alert" messages that were displayed after I invoked Thunderbird and before Thunderbird displayed anything:

Alert
Could not initialize the browser's security component. The most likely cause is problems with files in your browser's profile directory. Please check that this directory has no read/write restrictions and your hard disk is not full or close to full. It is recommended hat you exit the browser and fix the problem. If you continue to use this browser session, you might see incorrect browser behavior when accessing security features.

Alert
Thunderbird can't connect securely to pop.gmail.com because the SSL protocol has been disabled."

Changed in thunderbird (Ubuntu):
status: New → Invalid
Changed in nss (Ubuntu):
status: New → Confirmed
summary: - startup error: could not initialize the browser's security component
- (and then ssl will not work)
+ Thunderbird cannot initialize the security component when libnss3-0d
+ 3.12.6 is installed
Changed in nss (Ubuntu Karmic):
status: New → Confirmed
Changed in thunderbird (Ubuntu Karmic):
status: New → Invalid
Changed in nss (Ubuntu Lucid):
importance: Undecided → High
assignee: nobody → Chris Coulson (chrisccoulson)
Changed in nss (Ubuntu Karmic):
importance: Undecided → High
assignee: nobody → Chris Coulson (chrisccoulson)
Changed in nss (Ubuntu Karmic):
importance: High → Critical
Changed in nss (Ubuntu Lucid):
importance: High → Critical

Removing libnss3-0d works for me too.

Jamie Strandboge (jdstrand) wrote :

It appears that hardy is the last release that had any rdepends on libnss3-0d. Therefore, people who had hardy installed and upgraded through to karmic could be affected (but even then, it seems they may have needed sunbird installed). I see a libcamel1.2-10 reference-- that very well could be gutsy or earlier.

Changed in nss (Ubuntu Karmic):
importance: Critical → High
Changed in nss (Ubuntu Lucid):
importance: Critical → High
Meadow (meadow-sunrise) wrote :

Like the others, the removal of libnss3-0d solved the issue

Jamie Strandboge (jdstrand) wrote :

Yes, libcamel1.2-10 is from Ubuntu 7.10 (Gutsy), so all user's upgrading from Gutsy could be affected, since libcamel1.2-10 is in the default install and it depends on libnss3-0d.

edam (edam) wrote :

Same here - removal of libnss3-0d fixed it.

paercebal (paercebal) wrote :

Same for me. I searched "libnss3-0d" in Synaptic, asked for rermoval, and Thunderbird's buggy behaviour disappear.

Jamie Strandboge (jdstrand) wrote :

Actually, this is probably a thunderbird problem after all. From IRC:

17:39 < ChrisCoulson> jdstrand - yeah, i confirmed now that installing libnss3-0d breaks thunderbird
17:39 < ChrisCoulson> thunderbird has a load of dangling symlinks to the .0d files in libnss3-0d
17:40 < ChrisCoulson> and when you install it, it messes up nss so that it fails to find libsoftokn.so

Will update the bug accordingly once it is decided how to proceed.

Dave Fear (dfear) wrote :

Same for me. I searched "libnss3-0d" in Synaptic, asked for rermoval, and Thunderbird's buggy behaviour disappear.

Changed in nss (Ubuntu Lucid):
status: Confirmed → Invalid
Changed in nss (Ubuntu Karmic):
status: Confirmed → Invalid
Changed in thunderbird (Ubuntu Karmic):
status: Invalid → In Progress
importance: Undecided → High
Changed in thunderbird (Ubuntu Karmic):
status: In Progress → Fix Committed
Jamie Strandboge (jdstrand) wrote :

Verified 2.0.0.24+build1+nobinonly-0ubuntu0.9.10.2 in https://launchpad.net/~ubuntu-mozilla-security/+archive/ppa/+packages fixes the issue. Using 2.0.0.24+build1+nobinonly-0ubuntu0.9.10.1 and libnss3-0d 3.12.6-0ubuntu0.9.10.2 gives the error message and I cannot connect using SSL. Upgrade to thunderbird 2.0.0.24+build1+nobinonly-0ubuntu0.9.10.2 and it works again.

$ dpkg -l|egrep '(libnss3|thunderbird)' | awk '{print $2, $3}'
libnss3-0d 3.12.6-0ubuntu0.9.10.2
libnss3-1d 3.12.6-0ubuntu0.9.10.2
thunderbird 2.0.0.24+build1+nobinonly-0ubuntu0.9.10.2

Once all the architectures are finished building, I will publish to security.

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package thunderbird - 2.0.0.24+build1+nobinonly-0ubuntu0.9.10.2

---------------
thunderbird (2.0.0.24+build1+nobinonly-0ubuntu0.9.10.2) karmic-security; urgency=low

   * fix LP: #559918 - Thunderbird cannot initialize the security component when
     libnss3-0d > 3.12.6 is installed; we drop the dangling .so.0d links that
     became obsolete when we moved to non-versioned SONAMES for nss3 and nspr4
     - update debian/thunderbird.links
 -- Alexander Sack <email address hidden> Sun, 11 Apr 2010 16:32:48 +0200

Changed in thunderbird (Ubuntu Karmic):
status: Fix Committed → Fix Released
Andrew Smith (andrew-smith) wrote :

Can confirm that the latest updates from security have fixed the problem without any other action being taken. Thanks for the swift action!

I can also confirm it solved the problem since installing thunderbird 2.0.0.24+build1+nobinonly-0ubuntu0.9.10.2.

Thanks for fixing this.

Jamie Strandboge (jdstrand) wrote :

This affects Jaunty with nss from the ubuntu-mozilla-security PPA. Steps to reproduce on Jaunty:
1. setup a POP3 account
2. enable master password in thunderbird
3. enable FIPS in thunderbird
4. close thunderbird
5. apt-get install libnss3-0d
6. start thunderbird

Changed in nss (Ubuntu Jaunty):
status: New → Invalid
Changed in thunderbird (Ubuntu Jaunty):
assignee: nobody → Chris Coulson (chrisccoulson)
importance: Undecided → High
status: New → Triaged
Changed in thunderbird (Ubuntu Jaunty):
status: Triaged → Fix Committed
Jamie Strandboge (jdstrand) wrote :

The updated package in the PPA (2.0.0.24+build1+nobinonly-0ubuntu0.9.04.2) fixes this issue.

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package thunderbird - 2.0.0.24+build1+nobinonly-0ubuntu0.9.04.2

---------------
thunderbird (2.0.0.24+build1+nobinonly-0ubuntu0.9.04.2) jaunty-security; urgency=low

  * fix LP: #559918 - Thunderbird cannot initialize the security component when
    libnss3-0d > 3.12.6 is installed; we drop the dangling .so.0d links that
    became obsolete when we moved to non-versioned SONAMES for nss3 and nspr4
    - update debian/thunderbird.links
 -- Chris Coulson <email address hidden> Wed, 23 Jun 2010 14:36:59 +0100

Changed in thunderbird (Ubuntu Jaunty):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Duplicates of this bug

Other bug subscribers