[Bug 837557] Re: fraudulent DigiNotar certificate issuance

Micah Gersten launchpad at micahscomputing.com
Wed Sep 7 21:55:54 UTC 2011 

Just found out Qt 4.7 has a blacklist patch, so reopening tasks fro
maverick/natty/oneiric

** Changed in: qt4-x11 (Ubuntu Maverick)
   Importance: Undecided => Medium

** Changed in: qt4-x11 (Ubuntu Maverick)
       Status: Invalid => In Progress

** Changed in: qt4-x11 (Ubuntu Maverick)
     Assignee: (unassigned) => Micah Gersten (micahg)

** Changed in: qt4-x11 (Ubuntu Natty)
   Importance: Undecided => Medium

** Changed in: qt4-x11 (Ubuntu Natty)
       Status: Invalid => In Progress

** Changed in: qt4-x11 (Ubuntu Natty)
     Assignee: (unassigned) => Micah Gersten (micahg)

** Changed in: qt4-x11 (Ubuntu Oneiric)
   Importance: Undecided => Medium

** Changed in: qt4-x11 (Ubuntu Oneiric)
       Status: Invalid => Triaged

** Description changed:

  NOTE: The Firefox update causes a regression for certain Dutch sites which is being tracked in Bug #838322.
  NOTE #2: The current update for Thunderbird still shows the DigiNotar Root CA as trusted in the certificate manager.  This is due to Thunderbird using the system version of NSS. In this initial update, Thunderbird will actively distrust any certificate signed by the DigiNotar Root CA.  Future updates will properly show the root CA as distrusted in the certificate manager.
  
  WORKAROUND (from blog post):
  http://support.mozilla.com/en-US/kb/deleting-diginotar-ca-cert
  
  -------------------------------------------------
  
  http://blog.mozilla.com/security/2011/08/29/fraudulent-google-com-
  certificate/
+ 
+ Qt 4.7 blog post: http://labs.qt.nokia.com/2011/09/07/what-the-
+ diginotar-security-breach-means-for-qt-users-continued/

** Description changed:

+ USN Information: This is being tracked in USN-1197-*
+ 
  NOTE: The Firefox update causes a regression for certain Dutch sites which is being tracked in Bug #838322.
  NOTE #2: The current update for Thunderbird still shows the DigiNotar Root CA as trusted in the certificate manager.  This is due to Thunderbird using the system version of NSS. In this initial update, Thunderbird will actively distrust any certificate signed by the DigiNotar Root CA.  Future updates will properly show the root CA as distrusted in the certificate manager.
  
  WORKAROUND (from blog post):
  http://support.mozilla.com/en-US/kb/deleting-diginotar-ca-cert
  
  -------------------------------------------------
  
  http://blog.mozilla.com/security/2011/08/29/fraudulent-google-com-
  certificate/
  
  Qt 4.7 blog post: http://labs.qt.nokia.com/2011/09/07/what-the-
  diginotar-security-breach-means-for-qt-users-continued/

-- 
You received this bug notification because you are a member of Mozilla
Bugs, which is subscribed to firefox in Ubuntu.
https://bugs.launchpad.net/bugs/837557

Title:
  fraudulent DigiNotar certificate issuance

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/837557/+subscriptions

More information about the Ubuntu-mozillateam-bugs mailing list