[Bug 1843044] Re: firefox crashes on a FIPS enabled machine

Nivedita Singhvi nivedita.singhvi at canonical.com
Tue Dec 24 16:50:24 UTC 2019


We have multiple reports of the latest Firefox not working with 
FIPS due to the above ongoing, so we would like to determine 
how to fix this as a priority. 

We are trying to determine what the best approach to take is
given the Mozilla team's direction to keep the default behavior
of the nss library the same (checking the fips_enabled flag),
and behaving differently if built with an env variable, and
not go with Vineetha's submitted patch. 

To get FF to FIPS mode, I suspect on Bionic we will need this
as well:

Bug 1531267: 
"FIPS mode should be enabled automatically if the system is in FIPS mode"
Fix in nss version: 3.43
(On Linux, even if /proc/sys/crypto/fips_enabled is 1, one needs to enable database's FIPS mode with modutil.)

On Bionic the nss package version was 2:3.35, which does not
have that fix (Eoan has 2:3.45).

-- 
You received this bug notification because you are a member of Mozilla
Bugs, which is subscribed to firefox in Ubuntu.
https://bugs.launchpad.net/bugs/1843044

Title:
  firefox crashes on a FIPS enabled machine

To manage notifications about this bug go to:
https://bugs.launchpad.net/firefox/+bug/1843044/+subscriptions



More information about the Ubuntu-mozillateam-bugs mailing list