[Bug 837557] Re: fraudulent DigiNotar certificate issuance

Launchpad Bug Tracker 837557 at bugs.launchpad.net
Thu Sep 8 17:28:56 UTC 2011


This bug was fixed in the package nss -
3.12.9+ckbi-1.82-0ubuntu0.10.10.3

---------------
nss (3.12.9+ckbi-1.82-0ubuntu0.10.10.3) maverick-security; urgency=low

  * SECURITY UPDATE: Add patch from Debian version 3.12.11-3 rebased against
    3.12.9 to remove the DigiNotar certificates and actively distrust them;
    Thanks to Mike Hommey from Debian for the original patch (LP: #837557)
    - mozilla/security/nss/lib/ckfw/builtins/certdata.*:
      Explicitely distrust various DigiNotar CAs:
      - DigiNotar Root CA
      - DigiNotar Services 1024 CA
      - DigiNotar Cyber CA
      - DigiNotar Cyber CA 2nd
      - DigiNotar PKIoverheid
      - DigiNotar PKIoverheid G2
    - mozilla/security/nss/lib/ckfw/builtins/certdata.*:
      Remove DigiNotar Root CA.
 -- Micah Gersten <micahg at ubuntu.com>   Wed, 07 Sep 2011 14:55:24 -0500

** Changed in: nss (Ubuntu Natty)
       Status: In Progress => Fix Released

-- 
You received this bug notification because you are a member of Mozilla
Bugs, which is subscribed to firefox in Ubuntu.
https://bugs.launchpad.net/bugs/837557

Title:
  fraudulent DigiNotar certificate issuance

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/837557/+subscriptions




More information about the Ubuntu-mozillateam-bugs mailing list