Bug#592315: firefox/chromium fails with libnss3-1d from unstable
Chris Donoghue
cd at cadas.com.au
Mon Aug 9 12:18:21 UTC 2010
On Mon, Aug 09, 2010 at 10:27:20AM +0200, Mike Hommey wrote:
> Long story short: the server is insecure (see the upstream bug below).
>
> A workaround for iceweasel is given here:
> https://bugzilla.mozilla.org/show_bug.cgi?id=583337#c6
As I use chromium the workaround provided of setting ssl3.dhe to false isn't going to work. Probably modutils from NSS security tools but I didn't get much time for reading or playing with that.
So, I thought I'd try the suggestion as given in this bug report in particular:
-------
I suggest that Mozilla ask portal-plumprod.cgc.enbridge.com to fix
this server configuration problem. The simplest fix is probably to
disable all DHE cipher suites.
-------
I wrote to Citylink "contact us" myself and thought that as I'm a really valued customer it might be worth a shot to let then know to improve their very weak security. Although I'm already thinking it's going to be a very long shot....
More information about the pkg-mozilla-maintainers
mailing list