[Bug 1126070] [NEW] Signature verification - expired certificate - wrong reason

kapetr 1126070 at bugs.launchpad.net
Fri Feb 15 10:24:38 UTC 2013 

*** This bug is a security vulnerability ***

Public security bug reported:

If signing certificate is expired, verification of signature fails -
that is OK.

But TB reports wrong reason:
"Signature not valid.
The signing certificate is issued by CA, which you do not trust for this type of certificate." 

That's not true. And no word about expiration.

When I change system time back and run TB again, verification is successful.
Remark: CA certificate is ok and valid until  2020.

ProblemType: Bug
DistroRelease: Ubuntu 12.04
Package: thunderbird 17.0.2+build1-0ubuntu0.12.04.1
ProcVersionSignature: Ubuntu 3.2.0-37.58-generic 3.2.35
Uname: Linux 3.2.0-37-generic x86_64
NonfreeKernelModules: pci_stub vboxpci vboxnetadp bnep vboxnetflt rfcomm vboxdrv bluetooth compat parport_pc ppdev dm_crypt snd_hda_codec_hdmi snd_hda_codec_realtek ip6t_LOG xt_hl ip6t_rt nf_conntrack_ipv6 nf_defrag_ipv6 ipt_REJECT ipt_LOG snd_hda_intel xt_limit snd_hda_codec xt_tcpudp xt_addrtype snd_usb_audio snd_usbmidi_lib snd_seq_midi snd_hwdep xt_state snd_rawmidi snd_seq_midi_event snd_pcm snd_seq ip6table_filter snd_seq_device ip6_tables snd_timer snd_page_alloc mei nf_conntrack_netbios_ns nf_conntrack_broadcast nf_nat_ftp nf_nat nf_conntrack_ipv4 nf_defrag_ipv4 snd nf_conntrack_ftp nf_conntrack soundcore coretemp psmouse serio_raw iptable_filter joydev mac_hid ip_tables x_tables lp parport hid_logitech ff_memless usbhid hid i915 r8169 drm_kms_helper drm i2c_algo_bit video usb_storage
AddonCompatCheckDisabled: False
AlsaVersion: Advanced Linux Sound Architecture Driver Version 1.0.24.
ApportVersion: 2.0.1-0ubuntu17.1
Architecture: amd64
AudioDevicesInUse:
 USER        PID ACCESS COMMAND
 /dev/snd/controlC0:  hugo       1947 F.... pulseaudio
 /dev/snd/controlC1:  hugo       1947 F.... pulseaudio
BuildID: 20130106044124
CRDA: Error: command ['iw', 'reg', 'get'] failed with exit code 1: nl80211 not found.
Card0.Amixer.info:
 Card hw:0 'PCH'/'HDA Intel PCH at 0xfe500000 irq 46'
   Mixer name	: 'Intel CougarPoint HDMI'
   Components	: 'HDA:10ec0887,1462d740,00100302 HDA:80862805,80862805,00100000'
   Controls      : 50
   Simple ctrls  : 22
Card1.Amixer.info:
 Card hw:1 'Set'/'C-Media USB Headphone Set at usb-0000:00:1a.0-1.1, full speed'
   Mixer name	: 'USB Mixer'
   Components	: 'USB0d8c:000c'
   Controls      : 7
   Simple ctrls  : 3
Channel: Unavailable
Date: Fri Feb 15 11:14:29 2013
EcryptfsInUse: Yes
ForcedLayersAccel: False
IfupdownConfig:
 auto lo
 iface lo inet loopback
InstallationMedia: Ubuntu 12.04 LTS "Precise Pangolin" - Beta amd64 (20120401)
IpRoute:
 default via 10.6.6.138 dev eth0  proto static 
 10.6.6.0/24 dev eth0  proto kernel  scope link  src 10.6.6.1  metric 1 
 169.254.0.0/16 dev eth0  scope link  metric 1000 
 217.31.204.130 via 10.6.6.138 dev eth0  proto static 
 217.31.204.131 via 10.6.6.138 dev eth0  proto static
IwConfig:
 lo        no wireless extensions.
 
 eth0      no wireless extensions.
MarkForUpload: True
PrefSources: prefs.js
ProcEnviron:
 TERM=xterm
 PATH=(custom, no user)
 LANG=cs_CZ.UTF-8
 SHELL=/bin/bash
Profiles: Profile0 (Default) - LastVersion=17.0.2/20130106044124 (In use)
RelatedPackageVersions:
 icedtea-6-plugin  1.2-2ubuntu1.3
 rhythmbox-mozilla 2.96-0ubuntu4.2
 totem-mozilla     3.0.1-0ubuntu21.1
RfKill:
 
RunningIncompatibleAddons: False
SourcePackage: thunderbird
UpgradeStatus: No upgrade log present (probably fresh install)
WifiSyslog:
 
dmi.bios.date: 08/04/2011
dmi.bios.vendor: American Megatrends Inc.
dmi.bios.version: V1.0
dmi.board.asset.tag: To be filled by O.E.M.
dmi.board.name: H61MA-E35 (MS-7740)
dmi.board.vendor: MSI
dmi.board.version: 1.0
dmi.chassis.asset.tag: To Be Filled By O.E.M.
dmi.chassis.type: 3
dmi.chassis.vendor: MSI
dmi.chassis.version: 1.0
dmi.modalias: dmi:bvnAmericanMegatrendsInc.:bvrV1.0:bd08/04/2011:svnMSI:pnMS-7740:pvr1.0:rvnMSI:rnH61MA-E35(MS-7740):rvr1.0:cvnMSI:ct3:cvr1.0:
dmi.product.name: MS-7740
dmi.product.version: 1.0
dmi.sys.vendor: MSI

** Affects: thunderbird (Ubuntu)
     Importance: Undecided
         Status: New


** Tags: amd64 apport-bug precise running-unity

** Information type changed from Private Security to Public

** Information type changed from Public to Public Security

-- 
You received this bug notification because you are a member of Mozilla
Bugs, which is subscribed to thunderbird in Ubuntu.
https://bugs.launchpad.net/bugs/1126070

Title:
  Signature verification - expired certificate - wrong reason

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/thunderbird/+bug/1126070/+subscriptions

More information about the Ubuntu-mozillateam-bugs mailing list