[Security] Heads up - mozilla ca certs
glgxg at sbcglobal.net
Thu Sep 1 00:06:00 UTC 2011
On 08/31/2011 02:52 PM, NoOp wrote:
> On 08/31/2011 02:37 PM, Jordon Bedwell wrote:
>> On 08/31/2011 03:53 PM, Ric Moore wrote:
>>> Thanks for the heads up, I had that one in my certs. I deleted it. I
>>> happened to look at all the rest, The country of Japan?? There's a bunch
>>> that I have no clue where they came from... this is just stuff I just
>>> trusted and I didn't bother to go looking for fraudulent certs. I'm
>>> assuming the upgrade will show up in synaptic. Thanks again, Ric
>> You can also switch to the mozillateam ppa which was updated early this
>> morning before Debian issued it's DSA for iceweasal. I don't assume it
>> will be very long before Ubuntu gets it out though since it already hit
>> the PPA.
> Mozilla SeaMonkey Linux versions are borked (both 32bit and 64bit). Both
> report 2.3.1. But *worse* is that they reenstate DigiNotar Root CA.
> Tested both ways:
> 1. 32bit linux deleted DigiNotar Root CA and then did the update via
> Help|Check for Updates. DigiNotar Root CA is now back.
> Build identifier: Mozilla/5.0 (X11; Linux i686; rv:6.0.1) Gecko/20110830
> Firefox/6.0.1 SeaMonkey/2.3.1
> 2. 64bit linux deleted DigiNotar Root CA and then did the update via
> Help|Check for Updates. DigiNotar Root CA is now back. So I downloaded
> the entire bz2, deleted the old, and extracted to a new folder;
> DigiNotar Root CA is now back on that version as well.
> Build identifier: Mozilla/5.0 (X11; Linux x86_64; rv:6.0.1)
> Gecko/20110830 Firefox/6.0.1 SeaMonkey/2.3.1
> I've notified the Mozilla devs & Justin Wood (Callek) who is responsible
> for the builds.
False alarm regarding my last regarding the Mozilla SeaMonkey 2.3.2
builds. DigiNotar Root CA is now back (32bit) but cert blocking is
working. I tested with the test link in the bug report:
The 2.3.2 builds are still showing as 2.3.1 & Justin has created a blog
More information about the ubuntu-users