linux-traipu team mailing list archive
-
linux-traipu team
-
Mailing list archive
-
Message #02545
[Bug 881607] Re: ERROR:nss_util.cc(397)] Error initializing NSS without a persistent database: libsoftokn3.so: cannot open shared object file: Permission denied
This bug was fixed in the package chromium-browser -
15.0.874.102~r106587-0ubuntu1
---------------
chromium-browser (15.0.874.102~r106587-0ubuntu1) precise; urgency=low
* New upstream release from the Stable Channel (LP: #881786)
- fix LP: #881607 - Error initializing NSS without a persistent database
This release fixes the following security issues:
- [86758] High CVE-2011-2845: URL bar spoof in history handling. Credit to
Jordi Chancel.
- [88949] Medium CVE-2011-3875: URL bar spoof with drag+drop of URLs. Credit
to Jordi Chancel.
- [90217] Low CVE-2011-3876: Avoid stripping whitespace at the end of
download filenames. Credit to Marc Novak.
- [91218] Low CVE-2011-3877: XSS in appcache internals page. Credit to
Google Chrome Security Team (Tom Sepez) plus independent discovery by
Juho Nurminen.
- [94487] Medium CVE-2011-3878: Race condition in worker process
initialization. Credit to miaubiz.
- [95374] Low CVE-2011-3879: Avoid redirect to chrome scheme URIs. Credit to
Masato Kinugawa.
- [95992] Low CVE-2011-3880: Don’t permit as a HTTP header delimiter. Credit
to Vladimir Vorontsov, ONsec company.
- [96047] [96885] [98053] [99512] [99750] High CVE-2011-3881: Cross-origin
policy violations. Credit to Sergey Glazunov.
- [96292] High CVE-2011-3882: Use-after-free in media buffer handling.
Credit to Google Chrome Security Team (Inferno).
- [96902] High CVE-2011-3883: Use-after-free in counter handling. Credit to
miaubiz.
- [97148] High CVE-2011-3884: Timing issues in DOM traversal. Credit to
Brian Ryner of the Chromium development community.
- [97599] [98064] [98556] [99294] [99880] [100059] High CVE-2011-3885: Stale
style bugs leading to use-after-free. Credit to miaubiz.
- [98773] [99167] High CVE-2011-3886: Out of bounds writes in v8. Credit to
Christian Holler.
- [98407] Medium CVE-2011-3887: Cookie theft with javascript URIs. Credit to
Sergey Glazunov.
- [99138] High CVE-2011-3888: Use-after-free with plug-in and editing.
Credit to miaubiz.
- [99211] High CVE-2011-3889: Heap overflow in Web Audio. Credit to miaubiz.
- [99553] High CVE-2011-3890: Use-after-free in video source handling.
Credit to Ami Fischman of the Chromium development community.
- [100332] High CVE-2011-3891: Exposure of internal v8 functions. Credit to
Steven Keuchel of the Chromium development community plus independent
discovery by Daniel Divricean.
[ Micah Gersten <micahg@xxxxxxxxxx> ]
* Switch to xz debs; Add Pre-Depends on dpkg >= 1.15.6 which is needed
until after Precise
- update debian/rules
- update debian/control
[ Chris Coulson <chris.coulson@xxxxxxxxxxxxx> ]
* Refresh patches
- update debian/patches/dlopen_sonamed_gl.patch
- update debian/patches/webkit_rev_parser.patch
* Dropped patches, fixed upstream
- remove debian/patches/cups_1.5_build_fix.patch
- update debian/patches/series
* Don't depend on cdbs being installed to create a tarball
- update debian/rules
- update debian/cdbs/tarball.mk
[ Fabien Tassin ]
* Disable NaCl until we figure out what to do with the private toolchain
- update debian/rules
* Do not install the pseudo_locales files in the debs
- update debian/rules
* Add python-simplejson to Build-depends. This is needed by NaCl even with
NaCl disabled, so this is a temporary workaround to unbreak the build, it
must be fixed upstream
- update debian/control
-- Micah Gersten <micahg@xxxxxxxxxx> Wed, 26 Oct 2011 02:52:39 -0500
** Changed in: chromium-browser (Ubuntu Precise)
Status: In Progress => Fix Released
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-2845
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-3875
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-3876
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-3877
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-3878
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-3879
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-3880
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-3881
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-3882
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-3883
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-3884
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-3885
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-3886
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-3887
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-3888
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-3889
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-3890
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-3891
--
You received this bug notification because you are a member of UBUNTU -
AL - BR, which is subscribed to Chromium Browser.
https://bugs.launchpad.net/bugs/881607
Title:
ERROR:nss_util.cc(397)] Error initializing NSS without a persistent
database: libsoftokn3.so: cannot open shared object file: Permission
denied
Status in Chromium Browser:
Unknown
Status in “chromium-browser” package in Ubuntu:
Fix Released
Status in “chromium-browser” source package in Oneiric:
In Progress
Status in “chromium-browser” source package in Precise:
Fix Released
Bug description:
The following error is given when opening chromium-browser from the
terminal: [79:79:16194410127:ERROR:nss_util.cc(397)] Error
initializing NSS without a persistent database: libsoftokn3.so: cannot
open shared object file: Permission denied.
This seems to be specific to Ubuntu 11.10.
Chromium version: 14.0.835.202~r103287-0ubuntu1
Upstream bug report:
http://code.google.com/p/chromium/issues/detail?id=91962
To manage notifications about this bug go to:
https://bugs.launchpad.net/chromium-browser/+bug/881607/+subscriptions
References
