[Desktop-packages] [Bug 837557] Re: fraudulent DigiNotar certificate issuance
Nora Blob: those are blacklist entries. See details at https://security.stackexchange.com/questions/174474/why-is-diginotar-ca- still-in-my-mozilla-firefox. -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to thunderbird in Ubuntu. https://bugs.launchpad.net/bugs/837557 Title: fraudulent DigiNotar certificate issuance Status in ca-certificates package in Ubuntu: Fix Released Status in chromium-browser package in Ubuntu: Fix Released Status in firefox package in Ubuntu: Fix Released Status in nss package in Ubuntu: Fix Released Status in qt4-x11 package in Ubuntu: Fix Released Status in seamonkey package in Ubuntu: Confirmed Status in thunderbird package in Ubuntu: Fix Released Status in xulrunner-1.9.2 package in Ubuntu: Invalid Status in ca-certificates source package in Lucid: Fix Released Status in chromium-browser source package in Lucid: Fix Released Status in firefox source package in Lucid: Fix Released Status in nss source package in Lucid: Fix Released Status in qt4-x11 source package in Lucid: Fix Released Status in seamonkey source package in Lucid: Won't Fix Status in thunderbird source package in Lucid: Fix Released Status in xulrunner-1.9.2 source package in Lucid: Fix Released Status in ca-certificates source package in Maverick: Fix Released Status in chromium-browser source package in Maverick: Fix Released Status in firefox source package in Maverick: Fix Released Status in nss source package in Maverick: Fix Released Status in qt4-x11 source package in Maverick: Fix Released Status in seamonkey source package in Maverick: Won't Fix Status in thunderbird source package in Maverick: Fix Released Status in xulrunner-1.9.2 source package in Maverick: Fix Released Status in ca-certificates source package in Natty: Fix Released Status in chromium-browser source package in Natty: Fix Released Status in firefox source package in Natty: Fix Released Status in nss source package in Natty: Fix Released Status in qt4-x11 source package in Natty: Fix Released Status in seamonkey source package in Natty: Won't Fix Status in thunderbird source package in Natty: Fix Released Status in xulrunner-1.9.2 source package in Natty: Fix Released Status in ca-certificates source package in Oneiric: Fix Released Status in chromium-browser source package in Oneiric: Fix Released Status in firefox source package in Oneiric: Fix Released Status in nss source package in Oneiric: Fix Released Status in qt4-x11 source package in Oneiric: Fix Released Status in seamonkey source package in Oneiric: Won't Fix Status in thunderbird source package in Oneiric: Fix Released Status in xulrunner-1.9.2 source package in Oneiric: Invalid Status in ca-certificates package in Debian: Fix Released Bug description: USN Information: This is being tracked in USN-1197-* NOTE: The Firefox update causes a regression for certain Dutch sites which is being tracked in Bug #838322. NOTE #2: The current update for Thunderbird still shows the DigiNotar Root CA as trusted in the certificate manager. This is due to Thunderbird using the system version of NSS. In this initial update, Thunderbird will actively distrust any certificate signed by the DigiNotar Root CA. Future updates will properly show the root CA as distrusted in the certificate manager. WORKAROUND (from blog post): http://support.mozilla.com/en-US/kb/deleting-diginotar-ca-cert - http://blog.mozilla.com/security/2011/08/29/fraudulent-google-com- certificate/ Qt 4.7 blog post: http://labs.qt.nokia.com/2011/09/07/what-the- diginotar-security-breach-means-for-qt-users-continued/ To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/837557/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 837557] Re: fraudulent DigiNotar certificate issuance
Hello Oliver Tilloy, can you verify this issue? Best regrads -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to thunderbird in Ubuntu. https://bugs.launchpad.net/bugs/837557 Title: fraudulent DigiNotar certificate issuance Status in ca-certificates package in Ubuntu: Fix Released Status in chromium-browser package in Ubuntu: Fix Released Status in firefox package in Ubuntu: Fix Released Status in nss package in Ubuntu: Fix Released Status in qt4-x11 package in Ubuntu: Fix Released Status in seamonkey package in Ubuntu: Confirmed Status in thunderbird package in Ubuntu: Fix Released Status in xulrunner-1.9.2 package in Ubuntu: Invalid Status in ca-certificates source package in Lucid: Fix Released Status in chromium-browser source package in Lucid: Fix Released Status in firefox source package in Lucid: Fix Released Status in nss source package in Lucid: Fix Released Status in qt4-x11 source package in Lucid: Fix Released Status in seamonkey source package in Lucid: Won't Fix Status in thunderbird source package in Lucid: Fix Released Status in xulrunner-1.9.2 source package in Lucid: Fix Released Status in ca-certificates source package in Maverick: Fix Released Status in chromium-browser source package in Maverick: Fix Released Status in firefox source package in Maverick: Fix Released Status in nss source package in Maverick: Fix Released Status in qt4-x11 source package in Maverick: Fix Released Status in seamonkey source package in Maverick: Won't Fix Status in thunderbird source package in Maverick: Fix Released Status in xulrunner-1.9.2 source package in Maverick: Fix Released Status in ca-certificates source package in Natty: Fix Released Status in chromium-browser source package in Natty: Fix Released Status in firefox source package in Natty: Fix Released Status in nss source package in Natty: Fix Released Status in qt4-x11 source package in Natty: Fix Released Status in seamonkey source package in Natty: Won't Fix Status in thunderbird source package in Natty: Fix Released Status in xulrunner-1.9.2 source package in Natty: Fix Released Status in ca-certificates source package in Oneiric: Fix Released Status in chromium-browser source package in Oneiric: Fix Released Status in firefox source package in Oneiric: Fix Released Status in nss source package in Oneiric: Fix Released Status in qt4-x11 source package in Oneiric: Fix Released Status in seamonkey source package in Oneiric: Won't Fix Status in thunderbird source package in Oneiric: Fix Released Status in xulrunner-1.9.2 source package in Oneiric: Invalid Status in ca-certificates package in Debian: Fix Released Bug description: USN Information: This is being tracked in USN-1197-* NOTE: The Firefox update causes a regression for certain Dutch sites which is being tracked in Bug #838322. NOTE #2: The current update for Thunderbird still shows the DigiNotar Root CA as trusted in the certificate manager. This is due to Thunderbird using the system version of NSS. In this initial update, Thunderbird will actively distrust any certificate signed by the DigiNotar Root CA. Future updates will properly show the root CA as distrusted in the certificate manager. WORKAROUND (from blog post): http://support.mozilla.com/en-US/kb/deleting-diginotar-ca-cert - http://blog.mozilla.com/security/2011/08/29/fraudulent-google-com- certificate/ Qt 4.7 blog post: http://labs.qt.nokia.com/2011/09/07/what-the- diginotar-security-breach-means-for-qt-users-continued/ To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/837557/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 837557] Re: fraudulent DigiNotar certificate issuance
Hello Oliver Tilloy, I can reproduce this issue in No LSB modules are available. Distributor ID: Ubuntu Description:Ubuntu 18.04.1 LTS Release:18.04 Codename: bionic I created a new profile with firefox -p --new-instance, and get the certificates in the new profile with the new instance. If I delete the certificates they will be in the certificate manager with every new profile. -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to thunderbird in Ubuntu. https://bugs.launchpad.net/bugs/837557 Title: fraudulent DigiNotar certificate issuance Status in ca-certificates package in Ubuntu: Fix Released Status in chromium-browser package in Ubuntu: Fix Released Status in firefox package in Ubuntu: Fix Released Status in nss package in Ubuntu: Fix Released Status in qt4-x11 package in Ubuntu: Fix Released Status in seamonkey package in Ubuntu: Confirmed Status in thunderbird package in Ubuntu: Fix Released Status in xulrunner-1.9.2 package in Ubuntu: Invalid Status in ca-certificates source package in Lucid: Fix Released Status in chromium-browser source package in Lucid: Fix Released Status in firefox source package in Lucid: Fix Released Status in nss source package in Lucid: Fix Released Status in qt4-x11 source package in Lucid: Fix Released Status in seamonkey source package in Lucid: Won't Fix Status in thunderbird source package in Lucid: Fix Released Status in xulrunner-1.9.2 source package in Lucid: Fix Released Status in ca-certificates source package in Maverick: Fix Released Status in chromium-browser source package in Maverick: Fix Released Status in firefox source package in Maverick: Fix Released Status in nss source package in Maverick: Fix Released Status in qt4-x11 source package in Maverick: Fix Released Status in seamonkey source package in Maverick: Won't Fix Status in thunderbird source package in Maverick: Fix Released Status in xulrunner-1.9.2 source package in Maverick: Fix Released Status in ca-certificates source package in Natty: Fix Released Status in chromium-browser source package in Natty: Fix Released Status in firefox source package in Natty: Fix Released Status in nss source package in Natty: Fix Released Status in qt4-x11 source package in Natty: Fix Released Status in seamonkey source package in Natty: Won't Fix Status in thunderbird source package in Natty: Fix Released Status in xulrunner-1.9.2 source package in Natty: Fix Released Status in ca-certificates source package in Oneiric: Fix Released Status in chromium-browser source package in Oneiric: Fix Released Status in firefox source package in Oneiric: Fix Released Status in nss source package in Oneiric: Fix Released Status in qt4-x11 source package in Oneiric: Fix Released Status in seamonkey source package in Oneiric: Won't Fix Status in thunderbird source package in Oneiric: Fix Released Status in xulrunner-1.9.2 source package in Oneiric: Invalid Status in ca-certificates package in Debian: Fix Released Bug description: USN Information: This is being tracked in USN-1197-* NOTE: The Firefox update causes a regression for certain Dutch sites which is being tracked in Bug #838322. NOTE #2: The current update for Thunderbird still shows the DigiNotar Root CA as trusted in the certificate manager. This is due to Thunderbird using the system version of NSS. In this initial update, Thunderbird will actively distrust any certificate signed by the DigiNotar Root CA. Future updates will properly show the root CA as distrusted in the certificate manager. WORKAROUND (from blog post): http://support.mozilla.com/en-US/kb/deleting-diginotar-ca-cert - http://blog.mozilla.com/security/2011/08/29/fraudulent-google-com- certificate/ Qt 4.7 blog post: http://labs.qt.nokia.com/2011/09/07/what-the- diginotar-security-breach-means-for-qt-users-continued/ To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/837557/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 837557] Re: fraudulent DigiNotar certificate issuance
Nora Blob, Ubuntu 17.10 is EOL and not supported any longer. Is the issue present in a supported release of Ubuntu (14.04, 16.04, 18.04, 18.10) or in the current development version (19.04) ? -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to thunderbird in Ubuntu. https://bugs.launchpad.net/bugs/837557 Title: fraudulent DigiNotar certificate issuance Status in ca-certificates package in Ubuntu: Fix Released Status in chromium-browser package in Ubuntu: Fix Released Status in firefox package in Ubuntu: Fix Released Status in nss package in Ubuntu: Fix Released Status in qt4-x11 package in Ubuntu: Fix Released Status in seamonkey package in Ubuntu: Confirmed Status in thunderbird package in Ubuntu: Fix Released Status in xulrunner-1.9.2 package in Ubuntu: Invalid Status in ca-certificates source package in Lucid: Fix Released Status in chromium-browser source package in Lucid: Fix Released Status in firefox source package in Lucid: Fix Released Status in nss source package in Lucid: Fix Released Status in qt4-x11 source package in Lucid: Fix Released Status in seamonkey source package in Lucid: Won't Fix Status in thunderbird source package in Lucid: Fix Released Status in xulrunner-1.9.2 source package in Lucid: Fix Released Status in ca-certificates source package in Maverick: Fix Released Status in chromium-browser source package in Maverick: Fix Released Status in firefox source package in Maverick: Fix Released Status in nss source package in Maverick: Fix Released Status in qt4-x11 source package in Maverick: Fix Released Status in seamonkey source package in Maverick: Won't Fix Status in thunderbird source package in Maverick: Fix Released Status in xulrunner-1.9.2 source package in Maverick: Fix Released Status in ca-certificates source package in Natty: Fix Released Status in chromium-browser source package in Natty: Fix Released Status in firefox source package in Natty: Fix Released Status in nss source package in Natty: Fix Released Status in qt4-x11 source package in Natty: Fix Released Status in seamonkey source package in Natty: Won't Fix Status in thunderbird source package in Natty: Fix Released Status in xulrunner-1.9.2 source package in Natty: Fix Released Status in ca-certificates source package in Oneiric: Fix Released Status in chromium-browser source package in Oneiric: Fix Released Status in firefox source package in Oneiric: Fix Released Status in nss source package in Oneiric: Fix Released Status in qt4-x11 source package in Oneiric: Fix Released Status in seamonkey source package in Oneiric: Won't Fix Status in thunderbird source package in Oneiric: Fix Released Status in xulrunner-1.9.2 source package in Oneiric: Invalid Status in ca-certificates package in Debian: Fix Released Bug description: USN Information: This is being tracked in USN-1197-* NOTE: The Firefox update causes a regression for certain Dutch sites which is being tracked in Bug #838322. NOTE #2: The current update for Thunderbird still shows the DigiNotar Root CA as trusted in the certificate manager. This is due to Thunderbird using the system version of NSS. In this initial update, Thunderbird will actively distrust any certificate signed by the DigiNotar Root CA. Future updates will properly show the root CA as distrusted in the certificate manager. WORKAROUND (from blog post): http://support.mozilla.com/en-US/kb/deleting-diginotar-ca-cert - http://blog.mozilla.com/security/2011/08/29/fraudulent-google-com- certificate/ Qt 4.7 blog post: http://labs.qt.nokia.com/2011/09/07/what-the- diginotar-security-breach-means-for-qt-users-continued/ To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/837557/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 837557] Re: fraudulent DigiNotar certificate issuance
** Attachment added: "certs.tar.bz2" https://bugs.launchpad.net/ubuntu/+source/seamonkey/+bug/837557/+attachment/5215891/+files/certs.tar.bz2 -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to thunderbird in Ubuntu. https://bugs.launchpad.net/bugs/837557 Title: fraudulent DigiNotar certificate issuance Status in ca-certificates package in Ubuntu: Fix Released Status in chromium-browser package in Ubuntu: Fix Released Status in firefox package in Ubuntu: Fix Released Status in nss package in Ubuntu: Fix Released Status in qt4-x11 package in Ubuntu: Fix Released Status in seamonkey package in Ubuntu: Confirmed Status in thunderbird package in Ubuntu: Fix Released Status in xulrunner-1.9.2 package in Ubuntu: Invalid Status in ca-certificates source package in Lucid: Fix Released Status in chromium-browser source package in Lucid: Fix Released Status in firefox source package in Lucid: Fix Released Status in nss source package in Lucid: Fix Released Status in qt4-x11 source package in Lucid: Fix Released Status in seamonkey source package in Lucid: Won't Fix Status in thunderbird source package in Lucid: Fix Released Status in xulrunner-1.9.2 source package in Lucid: Fix Released Status in ca-certificates source package in Maverick: Fix Released Status in chromium-browser source package in Maverick: Fix Released Status in firefox source package in Maverick: Fix Released Status in nss source package in Maverick: Fix Released Status in qt4-x11 source package in Maverick: Fix Released Status in seamonkey source package in Maverick: Won't Fix Status in thunderbird source package in Maverick: Fix Released Status in xulrunner-1.9.2 source package in Maverick: Fix Released Status in ca-certificates source package in Natty: Fix Released Status in chromium-browser source package in Natty: Fix Released Status in firefox source package in Natty: Fix Released Status in nss source package in Natty: Fix Released Status in qt4-x11 source package in Natty: Fix Released Status in seamonkey source package in Natty: Won't Fix Status in thunderbird source package in Natty: Fix Released Status in xulrunner-1.9.2 source package in Natty: Fix Released Status in ca-certificates source package in Oneiric: Fix Released Status in chromium-browser source package in Oneiric: Fix Released Status in firefox source package in Oneiric: Fix Released Status in nss source package in Oneiric: Fix Released Status in qt4-x11 source package in Oneiric: Fix Released Status in seamonkey source package in Oneiric: Won't Fix Status in thunderbird source package in Oneiric: Fix Released Status in xulrunner-1.9.2 source package in Oneiric: Invalid Status in ca-certificates package in Debian: Fix Released Bug description: USN Information: This is being tracked in USN-1197-* NOTE: The Firefox update causes a regression for certain Dutch sites which is being tracked in Bug #838322. NOTE #2: The current update for Thunderbird still shows the DigiNotar Root CA as trusted in the certificate manager. This is due to Thunderbird using the system version of NSS. In this initial update, Thunderbird will actively distrust any certificate signed by the DigiNotar Root CA. Future updates will properly show the root CA as distrusted in the certificate manager. WORKAROUND (from blog post): http://support.mozilla.com/en-US/kb/deleting-diginotar-ca-cert - http://blog.mozilla.com/security/2011/08/29/fraudulent-google-com- certificate/ Qt 4.7 blog post: http://labs.qt.nokia.com/2011/09/07/what-the- diginotar-security-breach-means-for-qt-users-continued/ To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/837557/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 837557] Re: fraudulent DigiNotar certificate issuance
** Attachment added: "certs.tar.bz2.gpg" https://bugs.launchpad.net/ubuntu/+source/seamonkey/+bug/837557/+attachment/5215892/+files/certs.tar.bz2.gpg -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to thunderbird in Ubuntu. https://bugs.launchpad.net/bugs/837557 Title: fraudulent DigiNotar certificate issuance Status in ca-certificates package in Ubuntu: Fix Released Status in chromium-browser package in Ubuntu: Fix Released Status in firefox package in Ubuntu: Fix Released Status in nss package in Ubuntu: Fix Released Status in qt4-x11 package in Ubuntu: Fix Released Status in seamonkey package in Ubuntu: Confirmed Status in thunderbird package in Ubuntu: Fix Released Status in xulrunner-1.9.2 package in Ubuntu: Invalid Status in ca-certificates source package in Lucid: Fix Released Status in chromium-browser source package in Lucid: Fix Released Status in firefox source package in Lucid: Fix Released Status in nss source package in Lucid: Fix Released Status in qt4-x11 source package in Lucid: Fix Released Status in seamonkey source package in Lucid: Won't Fix Status in thunderbird source package in Lucid: Fix Released Status in xulrunner-1.9.2 source package in Lucid: Fix Released Status in ca-certificates source package in Maverick: Fix Released Status in chromium-browser source package in Maverick: Fix Released Status in firefox source package in Maverick: Fix Released Status in nss source package in Maverick: Fix Released Status in qt4-x11 source package in Maverick: Fix Released Status in seamonkey source package in Maverick: Won't Fix Status in thunderbird source package in Maverick: Fix Released Status in xulrunner-1.9.2 source package in Maverick: Fix Released Status in ca-certificates source package in Natty: Fix Released Status in chromium-browser source package in Natty: Fix Released Status in firefox source package in Natty: Fix Released Status in nss source package in Natty: Fix Released Status in qt4-x11 source package in Natty: Fix Released Status in seamonkey source package in Natty: Won't Fix Status in thunderbird source package in Natty: Fix Released Status in xulrunner-1.9.2 source package in Natty: Fix Released Status in ca-certificates source package in Oneiric: Fix Released Status in chromium-browser source package in Oneiric: Fix Released Status in firefox source package in Oneiric: Fix Released Status in nss source package in Oneiric: Fix Released Status in qt4-x11 source package in Oneiric: Fix Released Status in seamonkey source package in Oneiric: Won't Fix Status in thunderbird source package in Oneiric: Fix Released Status in xulrunner-1.9.2 source package in Oneiric: Invalid Status in ca-certificates package in Debian: Fix Released Bug description: USN Information: This is being tracked in USN-1197-* NOTE: The Firefox update causes a regression for certain Dutch sites which is being tracked in Bug #838322. NOTE #2: The current update for Thunderbird still shows the DigiNotar Root CA as trusted in the certificate manager. This is due to Thunderbird using the system version of NSS. In this initial update, Thunderbird will actively distrust any certificate signed by the DigiNotar Root CA. Future updates will properly show the root CA as distrusted in the certificate manager. WORKAROUND (from blog post): http://support.mozilla.com/en-US/kb/deleting-diginotar-ca-cert - http://blog.mozilla.com/security/2011/08/29/fraudulent-google-com- certificate/ Qt 4.7 blog post: http://labs.qt.nokia.com/2011/09/07/what-the- diginotar-security-breach-means-for-qt-users-continued/ To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/837557/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 837557] Re: fraudulent DigiNotar certificate issuance
Hello I observed this issue in: No LSB modules are available. Distributor ID: Ubuntu Description:Ubuntu 17.10 Release:17.10 Codename: artful I also observed it in a local build from the gentoo repositories. I attached the certs and will open issues at gentoo and mozilla. -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to thunderbird in Ubuntu. https://bugs.launchpad.net/bugs/837557 Title: fraudulent DigiNotar certificate issuance Status in ca-certificates package in Ubuntu: Fix Released Status in chromium-browser package in Ubuntu: Fix Released Status in firefox package in Ubuntu: Fix Released Status in nss package in Ubuntu: Fix Released Status in qt4-x11 package in Ubuntu: Fix Released Status in seamonkey package in Ubuntu: Confirmed Status in thunderbird package in Ubuntu: Fix Released Status in xulrunner-1.9.2 package in Ubuntu: Invalid Status in ca-certificates source package in Lucid: Fix Released Status in chromium-browser source package in Lucid: Fix Released Status in firefox source package in Lucid: Fix Released Status in nss source package in Lucid: Fix Released Status in qt4-x11 source package in Lucid: Fix Released Status in seamonkey source package in Lucid: Won't Fix Status in thunderbird source package in Lucid: Fix Released Status in xulrunner-1.9.2 source package in Lucid: Fix Released Status in ca-certificates source package in Maverick: Fix Released Status in chromium-browser source package in Maverick: Fix Released Status in firefox source package in Maverick: Fix Released Status in nss source package in Maverick: Fix Released Status in qt4-x11 source package in Maverick: Fix Released Status in seamonkey source package in Maverick: Won't Fix Status in thunderbird source package in Maverick: Fix Released Status in xulrunner-1.9.2 source package in Maverick: Fix Released Status in ca-certificates source package in Natty: Fix Released Status in chromium-browser source package in Natty: Fix Released Status in firefox source package in Natty: Fix Released Status in nss source package in Natty: Fix Released Status in qt4-x11 source package in Natty: Fix Released Status in seamonkey source package in Natty: Won't Fix Status in thunderbird source package in Natty: Fix Released Status in xulrunner-1.9.2 source package in Natty: Fix Released Status in ca-certificates source package in Oneiric: Fix Released Status in chromium-browser source package in Oneiric: Fix Released Status in firefox source package in Oneiric: Fix Released Status in nss source package in Oneiric: Fix Released Status in qt4-x11 source package in Oneiric: Fix Released Status in seamonkey source package in Oneiric: Won't Fix Status in thunderbird source package in Oneiric: Fix Released Status in xulrunner-1.9.2 source package in Oneiric: Invalid Status in ca-certificates package in Debian: Fix Released Bug description: USN Information: This is being tracked in USN-1197-* NOTE: The Firefox update causes a regression for certain Dutch sites which is being tracked in Bug #838322. NOTE #2: The current update for Thunderbird still shows the DigiNotar Root CA as trusted in the certificate manager. This is due to Thunderbird using the system version of NSS. In this initial update, Thunderbird will actively distrust any certificate signed by the DigiNotar Root CA. Future updates will properly show the root CA as distrusted in the certificate manager. WORKAROUND (from blog post): http://support.mozilla.com/en-US/kb/deleting-diginotar-ca-cert - http://blog.mozilla.com/security/2011/08/29/fraudulent-google-com- certificate/ Qt 4.7 blog post: http://labs.qt.nokia.com/2011/09/07/what-the- diginotar-security-breach-means-for-qt-users-continued/ To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/837557/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 837557] Re: fraudulent DigiNotar certificate issuance
** Changed in: ca-certificates (Ubuntu) Assignee: Jamie Strandboge (jdstrand) = (unassigned) -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to thunderbird in Ubuntu. https://bugs.launchpad.net/bugs/837557 Title: fraudulent DigiNotar certificate issuance Status in ca-certificates package in Ubuntu: Fix Released Status in chromium-browser package in Ubuntu: Fix Released Status in firefox package in Ubuntu: Fix Released Status in nss package in Ubuntu: Fix Released Status in qt4-x11 package in Ubuntu: Fix Released Status in seamonkey package in Ubuntu: Confirmed Status in thunderbird package in Ubuntu: Fix Released Status in xulrunner-1.9.2 package in Ubuntu: Invalid Status in ca-certificates source package in Lucid: Fix Released Status in chromium-browser source package in Lucid: Fix Released Status in firefox source package in Lucid: Fix Released Status in nss source package in Lucid: Fix Released Status in qt4-x11 source package in Lucid: Fix Released Status in seamonkey source package in Lucid: Won't Fix Status in thunderbird source package in Lucid: Fix Released Status in xulrunner-1.9.2 source package in Lucid: Fix Released Status in ca-certificates source package in Maverick: Fix Released Status in chromium-browser source package in Maverick: Fix Released Status in firefox source package in Maverick: Fix Released Status in nss source package in Maverick: Fix Released Status in qt4-x11 source package in Maverick: Fix Released Status in seamonkey source package in Maverick: Won't Fix Status in thunderbird source package in Maverick: Fix Released Status in xulrunner-1.9.2 source package in Maverick: Fix Released Status in ca-certificates source package in Natty: Fix Released Status in chromium-browser source package in Natty: Fix Released Status in firefox source package in Natty: Fix Released Status in nss source package in Natty: Fix Released Status in qt4-x11 source package in Natty: Fix Released Status in seamonkey source package in Natty: Won't Fix Status in thunderbird source package in Natty: Fix Released Status in xulrunner-1.9.2 source package in Natty: Fix Released Status in ca-certificates source package in Oneiric: Fix Released Status in chromium-browser source package in Oneiric: Fix Released Status in firefox source package in Oneiric: Fix Released Status in nss source package in Oneiric: Fix Released Status in qt4-x11 source package in Oneiric: Fix Released Status in seamonkey source package in Oneiric: Won't Fix Status in thunderbird source package in Oneiric: Fix Released Status in xulrunner-1.9.2 source package in Oneiric: Invalid Status in ca-certificates package in Debian: Fix Released Bug description: USN Information: This is being tracked in USN-1197-* NOTE: The Firefox update causes a regression for certain Dutch sites which is being tracked in Bug #838322. NOTE #2: The current update for Thunderbird still shows the DigiNotar Root CA as trusted in the certificate manager. This is due to Thunderbird using the system version of NSS. In this initial update, Thunderbird will actively distrust any certificate signed by the DigiNotar Root CA. Future updates will properly show the root CA as distrusted in the certificate manager. WORKAROUND (from blog post): http://support.mozilla.com/en-US/kb/deleting-diginotar-ca-cert - http://blog.mozilla.com/security/2011/08/29/fraudulent-google-com- certificate/ Qt 4.7 blog post: http://labs.qt.nokia.com/2011/09/07/what-the- diginotar-security-breach-means-for-qt-users-continued/ To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/837557/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 837557] Re: fraudulent DigiNotar certificate issuance
** Branch unlinked: lp:~mozillateam/firefox/firefox.head -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to thunderbird in Ubuntu. https://bugs.launchpad.net/bugs/837557 Title: fraudulent DigiNotar certificate issuance Status in ca-certificates package in Ubuntu: Fix Released Status in chromium-browser package in Ubuntu: Fix Released Status in firefox package in Ubuntu: Fix Released Status in nss package in Ubuntu: Fix Released Status in qt4-x11 package in Ubuntu: Fix Released Status in seamonkey package in Ubuntu: Confirmed Status in thunderbird package in Ubuntu: Fix Released Status in xulrunner-1.9.2 package in Ubuntu: Invalid Status in ca-certificates source package in Lucid: Fix Released Status in chromium-browser source package in Lucid: Fix Released Status in firefox source package in Lucid: Fix Released Status in nss source package in Lucid: Fix Released Status in qt4-x11 source package in Lucid: Fix Released Status in seamonkey source package in Lucid: Won't Fix Status in thunderbird source package in Lucid: Fix Released Status in xulrunner-1.9.2 source package in Lucid: Fix Released Status in ca-certificates source package in Maverick: Fix Released Status in chromium-browser source package in Maverick: Fix Released Status in firefox source package in Maverick: Fix Released Status in nss source package in Maverick: Fix Released Status in qt4-x11 source package in Maverick: Fix Released Status in seamonkey source package in Maverick: Won't Fix Status in thunderbird source package in Maverick: Fix Released Status in xulrunner-1.9.2 source package in Maverick: Fix Released Status in ca-certificates source package in Natty: Fix Released Status in chromium-browser source package in Natty: Fix Released Status in firefox source package in Natty: Fix Released Status in nss source package in Natty: Fix Released Status in qt4-x11 source package in Natty: Fix Released Status in seamonkey source package in Natty: Won't Fix Status in thunderbird source package in Natty: Fix Released Status in xulrunner-1.9.2 source package in Natty: Fix Released Status in ca-certificates source package in Oneiric: Fix Released Status in chromium-browser source package in Oneiric: Fix Released Status in firefox source package in Oneiric: Fix Released Status in nss source package in Oneiric: Fix Released Status in qt4-x11 source package in Oneiric: Fix Released Status in seamonkey source package in Oneiric: Won't Fix Status in thunderbird source package in Oneiric: Fix Released Status in xulrunner-1.9.2 source package in Oneiric: Invalid Status in ca-certificates package in Debian: Fix Released Bug description: USN Information: This is being tracked in USN-1197-* NOTE: The Firefox update causes a regression for certain Dutch sites which is being tracked in Bug #838322. NOTE #2: The current update for Thunderbird still shows the DigiNotar Root CA as trusted in the certificate manager. This is due to Thunderbird using the system version of NSS. In this initial update, Thunderbird will actively distrust any certificate signed by the DigiNotar Root CA. Future updates will properly show the root CA as distrusted in the certificate manager. WORKAROUND (from blog post): http://support.mozilla.com/en-US/kb/deleting-diginotar-ca-cert - http://blog.mozilla.com/security/2011/08/29/fraudulent-google-com- certificate/ Qt 4.7 blog post: http://labs.qt.nokia.com/2011/09/07/what-the- diginotar-security-breach-means-for-qt-users-continued/ To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/837557/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 837557] Re: fraudulent DigiNotar certificate issuance
** Changed in: seamonkey (Ubuntu Lucid) Status: Confirmed = Won't Fix -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to thunderbird in Ubuntu. https://bugs.launchpad.net/bugs/837557 Title: fraudulent DigiNotar certificate issuance Status in “ca-certificates” package in Ubuntu: Fix Released Status in “chromium-browser” package in Ubuntu: Fix Released Status in “firefox” package in Ubuntu: Fix Released Status in “nss” package in Ubuntu: Fix Released Status in “qt4-x11” package in Ubuntu: Fix Released Status in “seamonkey” package in Ubuntu: Confirmed Status in “thunderbird” package in Ubuntu: Fix Released Status in “xulrunner-1.9.2” package in Ubuntu: Invalid Status in “ca-certificates” source package in Lucid: Fix Released Status in “chromium-browser” source package in Lucid: Fix Released Status in “firefox” source package in Lucid: Fix Released Status in “nss” source package in Lucid: Fix Released Status in “qt4-x11” source package in Lucid: Fix Released Status in “seamonkey” source package in Lucid: Won't Fix Status in “thunderbird” source package in Lucid: Fix Released Status in “xulrunner-1.9.2” source package in Lucid: Fix Released Status in “ca-certificates” source package in Maverick: Fix Released Status in “chromium-browser” source package in Maverick: Fix Released Status in “firefox” source package in Maverick: Fix Released Status in “nss” source package in Maverick: Fix Released Status in “qt4-x11” source package in Maverick: Fix Released Status in “seamonkey” source package in Maverick: Won't Fix Status in “thunderbird” source package in Maverick: Fix Released Status in “xulrunner-1.9.2” source package in Maverick: Fix Released Status in “ca-certificates” source package in Natty: Fix Released Status in “chromium-browser” source package in Natty: Fix Released Status in “firefox” source package in Natty: Fix Released Status in “nss” source package in Natty: Fix Released Status in “qt4-x11” source package in Natty: Fix Released Status in “seamonkey” source package in Natty: Won't Fix Status in “thunderbird” source package in Natty: Fix Released Status in “xulrunner-1.9.2” source package in Natty: Fix Released Status in “ca-certificates” source package in Oneiric: Fix Released Status in “chromium-browser” source package in Oneiric: Fix Released Status in “firefox” source package in Oneiric: Fix Released Status in “nss” source package in Oneiric: Fix Released Status in “qt4-x11” source package in Oneiric: Fix Released Status in “seamonkey” source package in Oneiric: Won't Fix Status in “thunderbird” source package in Oneiric: Fix Released Status in “xulrunner-1.9.2” source package in Oneiric: Invalid Status in “ca-certificates” package in Debian: Fix Released Bug description: USN Information: This is being tracked in USN-1197-* NOTE: The Firefox update causes a regression for certain Dutch sites which is being tracked in Bug #838322. NOTE #2: The current update for Thunderbird still shows the DigiNotar Root CA as trusted in the certificate manager. This is due to Thunderbird using the system version of NSS. In this initial update, Thunderbird will actively distrust any certificate signed by the DigiNotar Root CA. Future updates will properly show the root CA as distrusted in the certificate manager. WORKAROUND (from blog post): http://support.mozilla.com/en-US/kb/deleting-diginotar-ca-cert - http://blog.mozilla.com/security/2011/08/29/fraudulent-google-com- certificate/ Qt 4.7 blog post: http://labs.qt.nokia.com/2011/09/07/what-the- diginotar-security-breach-means-for-qt-users-continued/ To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/837557/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 837557] Re: fraudulent DigiNotar certificate issuance
This bug was fixed in the package xulrunner-1.9.2 - 1.9.2.27+build1 +nobinonly-0ubuntu0.11.04.1 --- xulrunner-1.9.2 (1.9.2.27+build1+nobinonly-0ubuntu0.11.04.1) natty-security; urgency=low * SECURITY UPDATE: New upstream release v1.9.2.27 (FIREFOX_3_6_27_BUILD1) See the following for more information: - LP: #934073 - USN-1353-1 - USN-1251-1 - USN-1210-1 - LP: #838322 - LP: #837557 - USN-1184-1 - USN-1149-1 -- Jamie Strandboge ja...@ubuntu.com Fri, 17 Feb 2012 08:04:19 -0600 ** Changed in: xulrunner-1.9.2 (Ubuntu Natty) Status: Triaged = Fix Released -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to thunderbird in Ubuntu. https://bugs.launchpad.net/bugs/837557 Title: fraudulent DigiNotar certificate issuance Status in “ca-certificates” package in Ubuntu: Fix Released Status in “chromium-browser” package in Ubuntu: Fix Released Status in “firefox” package in Ubuntu: Fix Released Status in “nss” package in Ubuntu: Fix Released Status in “qt4-x11” package in Ubuntu: Fix Released Status in “seamonkey” package in Ubuntu: Confirmed Status in “thunderbird” package in Ubuntu: Fix Released Status in “xulrunner-1.9.2” package in Ubuntu: Invalid Status in “ca-certificates” source package in Lucid: Fix Released Status in “chromium-browser” source package in Lucid: Fix Released Status in “firefox” source package in Lucid: Fix Released Status in “nss” source package in Lucid: Fix Released Status in “qt4-x11” source package in Lucid: Fix Released Status in “seamonkey” source package in Lucid: Confirmed Status in “thunderbird” source package in Lucid: Fix Released Status in “xulrunner-1.9.2” source package in Lucid: Fix Released Status in “ca-certificates” source package in Maverick: Fix Released Status in “chromium-browser” source package in Maverick: Fix Released Status in “firefox” source package in Maverick: Fix Released Status in “nss” source package in Maverick: Fix Released Status in “qt4-x11” source package in Maverick: Fix Released Status in “seamonkey” source package in Maverick: Confirmed Status in “thunderbird” source package in Maverick: Fix Released Status in “xulrunner-1.9.2” source package in Maverick: Fix Released Status in “ca-certificates” source package in Natty: Fix Released Status in “chromium-browser” source package in Natty: Fix Released Status in “firefox” source package in Natty: Fix Released Status in “nss” source package in Natty: Fix Released Status in “qt4-x11” source package in Natty: Fix Released Status in “seamonkey” source package in Natty: Confirmed Status in “thunderbird” source package in Natty: Fix Released Status in “xulrunner-1.9.2” source package in Natty: Fix Released Status in “ca-certificates” source package in Oneiric: Fix Released Status in “chromium-browser” source package in Oneiric: Fix Released Status in “firefox” source package in Oneiric: Fix Released Status in “nss” source package in Oneiric: Fix Released Status in “qt4-x11” source package in Oneiric: Fix Released Status in “seamonkey” source package in Oneiric: Confirmed Status in “thunderbird” source package in Oneiric: Fix Released Status in “xulrunner-1.9.2” source package in Oneiric: Invalid Status in “ca-certificates” package in Debian: Fix Released Bug description: USN Information: This is being tracked in USN-1197-* NOTE: The Firefox update causes a regression for certain Dutch sites which is being tracked in Bug #838322. NOTE #2: The current update for Thunderbird still shows the DigiNotar Root CA as trusted in the certificate manager. This is due to Thunderbird using the system version of NSS. In this initial update, Thunderbird will actively distrust any certificate signed by the DigiNotar Root CA. Future updates will properly show the root CA as distrusted in the certificate manager. WORKAROUND (from blog post): http://support.mozilla.com/en-US/kb/deleting-diginotar-ca-cert - http://blog.mozilla.com/security/2011/08/29/fraudulent-google-com- certificate/ Qt 4.7 blog post: http://labs.qt.nokia.com/2011/09/07/what-the- diginotar-security-breach-means-for-qt-users-continued/ To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/837557/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 837557] Re: fraudulent DigiNotar certificate issuance
** Branch linked: lp:ubuntu/natty-security/xulrunner-1.9.2 -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to thunderbird in Ubuntu. https://bugs.launchpad.net/bugs/837557 Title: fraudulent DigiNotar certificate issuance Status in “ca-certificates” package in Ubuntu: Fix Released Status in “chromium-browser” package in Ubuntu: Fix Released Status in “firefox” package in Ubuntu: Fix Released Status in “nss” package in Ubuntu: Fix Released Status in “qt4-x11” package in Ubuntu: Fix Released Status in “seamonkey” package in Ubuntu: Confirmed Status in “thunderbird” package in Ubuntu: Fix Released Status in “xulrunner-1.9.2” package in Ubuntu: Invalid Status in “ca-certificates” source package in Lucid: Fix Released Status in “chromium-browser” source package in Lucid: Fix Released Status in “firefox” source package in Lucid: Fix Released Status in “nss” source package in Lucid: Fix Released Status in “qt4-x11” source package in Lucid: Fix Released Status in “seamonkey” source package in Lucid: Confirmed Status in “thunderbird” source package in Lucid: Fix Released Status in “xulrunner-1.9.2” source package in Lucid: Fix Released Status in “ca-certificates” source package in Maverick: Fix Released Status in “chromium-browser” source package in Maverick: Fix Released Status in “firefox” source package in Maverick: Fix Released Status in “nss” source package in Maverick: Fix Released Status in “qt4-x11” source package in Maverick: Fix Released Status in “seamonkey” source package in Maverick: Confirmed Status in “thunderbird” source package in Maverick: Fix Released Status in “xulrunner-1.9.2” source package in Maverick: Fix Released Status in “ca-certificates” source package in Natty: Fix Released Status in “chromium-browser” source package in Natty: Fix Released Status in “firefox” source package in Natty: Fix Released Status in “nss” source package in Natty: Fix Released Status in “qt4-x11” source package in Natty: Fix Released Status in “seamonkey” source package in Natty: Confirmed Status in “thunderbird” source package in Natty: Fix Released Status in “xulrunner-1.9.2” source package in Natty: Fix Released Status in “ca-certificates” source package in Oneiric: Fix Released Status in “chromium-browser” source package in Oneiric: Fix Released Status in “firefox” source package in Oneiric: Fix Released Status in “nss” source package in Oneiric: Fix Released Status in “qt4-x11” source package in Oneiric: Fix Released Status in “seamonkey” source package in Oneiric: Confirmed Status in “thunderbird” source package in Oneiric: Fix Released Status in “xulrunner-1.9.2” source package in Oneiric: Invalid Status in “ca-certificates” package in Debian: Fix Released Bug description: USN Information: This is being tracked in USN-1197-* NOTE: The Firefox update causes a regression for certain Dutch sites which is being tracked in Bug #838322. NOTE #2: The current update for Thunderbird still shows the DigiNotar Root CA as trusted in the certificate manager. This is due to Thunderbird using the system version of NSS. In this initial update, Thunderbird will actively distrust any certificate signed by the DigiNotar Root CA. Future updates will properly show the root CA as distrusted in the certificate manager. WORKAROUND (from blog post): http://support.mozilla.com/en-US/kb/deleting-diginotar-ca-cert - http://blog.mozilla.com/security/2011/08/29/fraudulent-google-com- certificate/ Qt 4.7 blog post: http://labs.qt.nokia.com/2011/09/07/what-the- diginotar-security-breach-means-for-qt-users-continued/ To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/837557/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 837557] Re: fraudulent DigiNotar certificate issuance
Fixed in 14.0.835.202~r103287-0ubuntu0.11.04.1 ** Changed in: chromium-browser (Ubuntu Natty) Status: Fix Committed = Fix Released -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to thunderbird in Ubuntu. https://bugs.launchpad.net/bugs/837557 Title: fraudulent DigiNotar certificate issuance Status in “ca-certificates” package in Ubuntu: Fix Released Status in “chromium-browser” package in Ubuntu: Fix Released Status in “firefox” package in Ubuntu: Fix Released Status in “nss” package in Ubuntu: Fix Released Status in “qt4-x11” package in Ubuntu: Fix Released Status in “seamonkey” package in Ubuntu: Confirmed Status in “thunderbird” package in Ubuntu: Fix Released Status in “xulrunner-1.9.2” package in Ubuntu: Invalid Status in “ca-certificates” source package in Lucid: Fix Released Status in “chromium-browser” source package in Lucid: Fix Released Status in “firefox” source package in Lucid: Fix Released Status in “nss” source package in Lucid: Fix Released Status in “qt4-x11” source package in Lucid: Fix Released Status in “seamonkey” source package in Lucid: Confirmed Status in “thunderbird” source package in Lucid: Fix Released Status in “xulrunner-1.9.2” source package in Lucid: Fix Released Status in “ca-certificates” source package in Maverick: Fix Released Status in “chromium-browser” source package in Maverick: Fix Released Status in “firefox” source package in Maverick: Fix Released Status in “nss” source package in Maverick: Fix Released Status in “qt4-x11” source package in Maverick: Fix Released Status in “seamonkey” source package in Maverick: Confirmed Status in “thunderbird” source package in Maverick: Fix Released Status in “xulrunner-1.9.2” source package in Maverick: Fix Released Status in “ca-certificates” source package in Natty: Fix Released Status in “chromium-browser” source package in Natty: Fix Released Status in “firefox” source package in Natty: Fix Released Status in “nss” source package in Natty: Fix Released Status in “qt4-x11” source package in Natty: Fix Released Status in “seamonkey” source package in Natty: Confirmed Status in “thunderbird” source package in Natty: Fix Released Status in “xulrunner-1.9.2” source package in Natty: Triaged Status in “ca-certificates” source package in Oneiric: Fix Released Status in “chromium-browser” source package in Oneiric: Fix Released Status in “firefox” source package in Oneiric: Fix Released Status in “nss” source package in Oneiric: Fix Released Status in “qt4-x11” source package in Oneiric: Fix Released Status in “seamonkey” source package in Oneiric: Confirmed Status in “thunderbird” source package in Oneiric: Fix Released Status in “xulrunner-1.9.2” source package in Oneiric: Invalid Status in “ca-certificates” package in Debian: Fix Released Bug description: USN Information: This is being tracked in USN-1197-* NOTE: The Firefox update causes a regression for certain Dutch sites which is being tracked in Bug #838322. NOTE #2: The current update for Thunderbird still shows the DigiNotar Root CA as trusted in the certificate manager. This is due to Thunderbird using the system version of NSS. In this initial update, Thunderbird will actively distrust any certificate signed by the DigiNotar Root CA. Future updates will properly show the root CA as distrusted in the certificate manager. WORKAROUND (from blog post): http://support.mozilla.com/en-US/kb/deleting-diginotar-ca-cert - http://blog.mozilla.com/security/2011/08/29/fraudulent-google-com- certificate/ Qt 4.7 blog post: http://labs.qt.nokia.com/2011/09/07/what-the- diginotar-security-breach-means-for-qt-users-continued/ To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/837557/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 837557] Re: fraudulent DigiNotar certificate issuance
** Changed in: chromium-browser (Ubuntu Lucid) Status: Confirmed = Fix Committed ** Changed in: chromium-browser (Ubuntu Maverick) Status: Confirmed = Fix Committed ** Changed in: chromium-browser (Ubuntu Natty) Status: Confirmed = Fix Committed -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to thunderbird in Ubuntu. https://bugs.launchpad.net/bugs/837557 Title: fraudulent DigiNotar certificate issuance Status in “ca-certificates” package in Ubuntu: Fix Released Status in “chromium-browser” package in Ubuntu: Fix Released Status in “firefox” package in Ubuntu: Fix Released Status in “nss” package in Ubuntu: Fix Released Status in “qt4-x11” package in Ubuntu: Fix Released Status in “seamonkey” package in Ubuntu: Confirmed Status in “thunderbird” package in Ubuntu: Fix Released Status in “xulrunner-1.9.2” package in Ubuntu: Invalid Status in “ca-certificates” source package in Lucid: Fix Released Status in “chromium-browser” source package in Lucid: Fix Committed Status in “firefox” source package in Lucid: Fix Released Status in “nss” source package in Lucid: Fix Released Status in “qt4-x11” source package in Lucid: Fix Released Status in “seamonkey” source package in Lucid: Confirmed Status in “thunderbird” source package in Lucid: Fix Released Status in “xulrunner-1.9.2” source package in Lucid: Fix Released Status in “ca-certificates” source package in Maverick: Fix Released Status in “chromium-browser” source package in Maverick: Fix Committed Status in “firefox” source package in Maverick: Fix Released Status in “nss” source package in Maverick: Fix Released Status in “qt4-x11” source package in Maverick: Fix Released Status in “seamonkey” source package in Maverick: Confirmed Status in “thunderbird” source package in Maverick: Fix Released Status in “xulrunner-1.9.2” source package in Maverick: Fix Released Status in “ca-certificates” source package in Natty: Fix Released Status in “chromium-browser” source package in Natty: Fix Committed Status in “firefox” source package in Natty: Fix Released Status in “nss” source package in Natty: Fix Released Status in “qt4-x11” source package in Natty: Fix Released Status in “seamonkey” source package in Natty: Confirmed Status in “thunderbird” source package in Natty: Fix Released Status in “xulrunner-1.9.2” source package in Natty: Triaged Status in “ca-certificates” source package in Oneiric: Fix Released Status in “chromium-browser” source package in Oneiric: Fix Released Status in “firefox” source package in Oneiric: Fix Released Status in “nss” source package in Oneiric: Fix Released Status in “qt4-x11” source package in Oneiric: Fix Released Status in “seamonkey” source package in Oneiric: Confirmed Status in “thunderbird” source package in Oneiric: Fix Released Status in “xulrunner-1.9.2” source package in Oneiric: Invalid Status in “ca-certificates” package in Debian: Fix Released Bug description: USN Information: This is being tracked in USN-1197-* NOTE: The Firefox update causes a regression for certain Dutch sites which is being tracked in Bug #838322. NOTE #2: The current update for Thunderbird still shows the DigiNotar Root CA as trusted in the certificate manager. This is due to Thunderbird using the system version of NSS. In this initial update, Thunderbird will actively distrust any certificate signed by the DigiNotar Root CA. Future updates will properly show the root CA as distrusted in the certificate manager. WORKAROUND (from blog post): http://support.mozilla.com/en-US/kb/deleting-diginotar-ca-cert - http://blog.mozilla.com/security/2011/08/29/fraudulent-google-com- certificate/ Qt 4.7 blog post: http://labs.qt.nokia.com/2011/09/07/what-the- diginotar-security-breach-means-for-qt-users-continued/ To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/837557/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 837557] Re: fraudulent DigiNotar certificate issuance
Fixed in 14.0.835.202~r103287-0ubuntu0.10.04.2 ** Changed in: chromium-browser (Ubuntu Lucid) Status: Fix Committed = Fix Released -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to thunderbird in Ubuntu. https://bugs.launchpad.net/bugs/837557 Title: fraudulent DigiNotar certificate issuance Status in “ca-certificates” package in Ubuntu: Fix Released Status in “chromium-browser” package in Ubuntu: Fix Released Status in “firefox” package in Ubuntu: Fix Released Status in “nss” package in Ubuntu: Fix Released Status in “qt4-x11” package in Ubuntu: Fix Released Status in “seamonkey” package in Ubuntu: Confirmed Status in “thunderbird” package in Ubuntu: Fix Released Status in “xulrunner-1.9.2” package in Ubuntu: Invalid Status in “ca-certificates” source package in Lucid: Fix Released Status in “chromium-browser” source package in Lucid: Fix Released Status in “firefox” source package in Lucid: Fix Released Status in “nss” source package in Lucid: Fix Released Status in “qt4-x11” source package in Lucid: Fix Released Status in “seamonkey” source package in Lucid: Confirmed Status in “thunderbird” source package in Lucid: Fix Released Status in “xulrunner-1.9.2” source package in Lucid: Fix Released Status in “ca-certificates” source package in Maverick: Fix Released Status in “chromium-browser” source package in Maverick: Fix Released Status in “firefox” source package in Maverick: Fix Released Status in “nss” source package in Maverick: Fix Released Status in “qt4-x11” source package in Maverick: Fix Released Status in “seamonkey” source package in Maverick: Confirmed Status in “thunderbird” source package in Maverick: Fix Released Status in “xulrunner-1.9.2” source package in Maverick: Fix Released Status in “ca-certificates” source package in Natty: Fix Released Status in “chromium-browser” source package in Natty: Fix Committed Status in “firefox” source package in Natty: Fix Released Status in “nss” source package in Natty: Fix Released Status in “qt4-x11” source package in Natty: Fix Released Status in “seamonkey” source package in Natty: Confirmed Status in “thunderbird” source package in Natty: Fix Released Status in “xulrunner-1.9.2” source package in Natty: Triaged Status in “ca-certificates” source package in Oneiric: Fix Released Status in “chromium-browser” source package in Oneiric: Fix Released Status in “firefox” source package in Oneiric: Fix Released Status in “nss” source package in Oneiric: Fix Released Status in “qt4-x11” source package in Oneiric: Fix Released Status in “seamonkey” source package in Oneiric: Confirmed Status in “thunderbird” source package in Oneiric: Fix Released Status in “xulrunner-1.9.2” source package in Oneiric: Invalid Status in “ca-certificates” package in Debian: Fix Released Bug description: USN Information: This is being tracked in USN-1197-* NOTE: The Firefox update causes a regression for certain Dutch sites which is being tracked in Bug #838322. NOTE #2: The current update for Thunderbird still shows the DigiNotar Root CA as trusted in the certificate manager. This is due to Thunderbird using the system version of NSS. In this initial update, Thunderbird will actively distrust any certificate signed by the DigiNotar Root CA. Future updates will properly show the root CA as distrusted in the certificate manager. WORKAROUND (from blog post): http://support.mozilla.com/en-US/kb/deleting-diginotar-ca-cert - http://blog.mozilla.com/security/2011/08/29/fraudulent-google-com- certificate/ Qt 4.7 blog post: http://labs.qt.nokia.com/2011/09/07/what-the- diginotar-security-breach-means-for-qt-users-continued/ To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/837557/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 837557] Re: fraudulent DigiNotar certificate issuance
Fixed in 14.0.835.202~r103287-0ubuntu0.10.10.1 ** Changed in: chromium-browser (Ubuntu Maverick) Status: Fix Committed = Fix Released -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to thunderbird in Ubuntu. https://bugs.launchpad.net/bugs/837557 Title: fraudulent DigiNotar certificate issuance Status in “ca-certificates” package in Ubuntu: Fix Released Status in “chromium-browser” package in Ubuntu: Fix Released Status in “firefox” package in Ubuntu: Fix Released Status in “nss” package in Ubuntu: Fix Released Status in “qt4-x11” package in Ubuntu: Fix Released Status in “seamonkey” package in Ubuntu: Confirmed Status in “thunderbird” package in Ubuntu: Fix Released Status in “xulrunner-1.9.2” package in Ubuntu: Invalid Status in “ca-certificates” source package in Lucid: Fix Released Status in “chromium-browser” source package in Lucid: Fix Released Status in “firefox” source package in Lucid: Fix Released Status in “nss” source package in Lucid: Fix Released Status in “qt4-x11” source package in Lucid: Fix Released Status in “seamonkey” source package in Lucid: Confirmed Status in “thunderbird” source package in Lucid: Fix Released Status in “xulrunner-1.9.2” source package in Lucid: Fix Released Status in “ca-certificates” source package in Maverick: Fix Released Status in “chromium-browser” source package in Maverick: Fix Released Status in “firefox” source package in Maverick: Fix Released Status in “nss” source package in Maverick: Fix Released Status in “qt4-x11” source package in Maverick: Fix Released Status in “seamonkey” source package in Maverick: Confirmed Status in “thunderbird” source package in Maverick: Fix Released Status in “xulrunner-1.9.2” source package in Maverick: Fix Released Status in “ca-certificates” source package in Natty: Fix Released Status in “chromium-browser” source package in Natty: Fix Committed Status in “firefox” source package in Natty: Fix Released Status in “nss” source package in Natty: Fix Released Status in “qt4-x11” source package in Natty: Fix Released Status in “seamonkey” source package in Natty: Confirmed Status in “thunderbird” source package in Natty: Fix Released Status in “xulrunner-1.9.2” source package in Natty: Triaged Status in “ca-certificates” source package in Oneiric: Fix Released Status in “chromium-browser” source package in Oneiric: Fix Released Status in “firefox” source package in Oneiric: Fix Released Status in “nss” source package in Oneiric: Fix Released Status in “qt4-x11” source package in Oneiric: Fix Released Status in “seamonkey” source package in Oneiric: Confirmed Status in “thunderbird” source package in Oneiric: Fix Released Status in “xulrunner-1.9.2” source package in Oneiric: Invalid Status in “ca-certificates” package in Debian: Fix Released Bug description: USN Information: This is being tracked in USN-1197-* NOTE: The Firefox update causes a regression for certain Dutch sites which is being tracked in Bug #838322. NOTE #2: The current update for Thunderbird still shows the DigiNotar Root CA as trusted in the certificate manager. This is due to Thunderbird using the system version of NSS. In this initial update, Thunderbird will actively distrust any certificate signed by the DigiNotar Root CA. Future updates will properly show the root CA as distrusted in the certificate manager. WORKAROUND (from blog post): http://support.mozilla.com/en-US/kb/deleting-diginotar-ca-cert - http://blog.mozilla.com/security/2011/08/29/fraudulent-google-com- certificate/ Qt 4.7 blog post: http://labs.qt.nokia.com/2011/09/07/what-the- diginotar-security-breach-means-for-qt-users-continued/ To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/837557/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 837557] Re: fraudulent DigiNotar certificate issuance
Fixed with the recent update to Chromium 14. ** Changed in: chromium-browser (Ubuntu Oneiric) Status: Confirmed = Fix Released -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to thunderbird in Ubuntu. https://bugs.launchpad.net/bugs/837557 Title: fraudulent DigiNotar certificate issuance Status in “ca-certificates” package in Ubuntu: Fix Released Status in “chromium-browser” package in Ubuntu: Fix Released Status in “firefox” package in Ubuntu: Fix Released Status in “nss” package in Ubuntu: Fix Released Status in “qt4-x11” package in Ubuntu: Fix Released Status in “seamonkey” package in Ubuntu: Confirmed Status in “thunderbird” package in Ubuntu: Fix Released Status in “xulrunner-1.9.2” package in Ubuntu: Invalid Status in “ca-certificates” source package in Lucid: Fix Released Status in “chromium-browser” source package in Lucid: Confirmed Status in “firefox” source package in Lucid: Fix Released Status in “nss” source package in Lucid: Fix Released Status in “qt4-x11” source package in Lucid: Fix Released Status in “seamonkey” source package in Lucid: Confirmed Status in “thunderbird” source package in Lucid: Fix Released Status in “xulrunner-1.9.2” source package in Lucid: Fix Released Status in “ca-certificates” source package in Maverick: Fix Released Status in “chromium-browser” source package in Maverick: Confirmed Status in “firefox” source package in Maverick: Fix Released Status in “nss” source package in Maverick: Fix Released Status in “qt4-x11” source package in Maverick: Fix Released Status in “seamonkey” source package in Maverick: Confirmed Status in “thunderbird” source package in Maverick: Fix Released Status in “xulrunner-1.9.2” source package in Maverick: Fix Released Status in “ca-certificates” source package in Natty: Fix Released Status in “chromium-browser” source package in Natty: Confirmed Status in “firefox” source package in Natty: Fix Released Status in “nss” source package in Natty: Fix Released Status in “qt4-x11” source package in Natty: Fix Released Status in “seamonkey” source package in Natty: Confirmed Status in “thunderbird” source package in Natty: Fix Released Status in “xulrunner-1.9.2” source package in Natty: Triaged Status in “ca-certificates” source package in Oneiric: Fix Released Status in “chromium-browser” source package in Oneiric: Fix Released Status in “firefox” source package in Oneiric: Fix Released Status in “nss” source package in Oneiric: Fix Released Status in “qt4-x11” source package in Oneiric: Fix Released Status in “seamonkey” source package in Oneiric: Confirmed Status in “thunderbird” source package in Oneiric: Fix Released Status in “xulrunner-1.9.2” source package in Oneiric: Invalid Status in “ca-certificates” package in Debian: Fix Released Bug description: USN Information: This is being tracked in USN-1197-* NOTE: The Firefox update causes a regression for certain Dutch sites which is being tracked in Bug #838322. NOTE #2: The current update for Thunderbird still shows the DigiNotar Root CA as trusted in the certificate manager. This is due to Thunderbird using the system version of NSS. In this initial update, Thunderbird will actively distrust any certificate signed by the DigiNotar Root CA. Future updates will properly show the root CA as distrusted in the certificate manager. WORKAROUND (from blog post): http://support.mozilla.com/en-US/kb/deleting-diginotar-ca-cert - http://blog.mozilla.com/security/2011/08/29/fraudulent-google-com- certificate/ Qt 4.7 blog post: http://labs.qt.nokia.com/2011/09/07/what-the- diginotar-security-breach-means-for-qt-users-continued/ To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/837557/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 837557] Re: fraudulent DigiNotar certificate issuance
** Branch linked: lp:ubuntu/lucid-security/qt4-x11 ** Branch linked: lp:ubuntu/maverick-security/qt4-x11 ** Branch linked: lp:ubuntu/natty-security/qt4-x11 -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to thunderbird in Ubuntu. https://bugs.launchpad.net/bugs/837557 Title: fraudulent DigiNotar certificate issuance Status in “ca-certificates” package in Ubuntu: Fix Released Status in “chromium-browser” package in Ubuntu: Confirmed Status in “firefox” package in Ubuntu: Fix Released Status in “nss” package in Ubuntu: Fix Released Status in “qt4-x11” package in Ubuntu: Fix Released Status in “seamonkey” package in Ubuntu: Confirmed Status in “thunderbird” package in Ubuntu: Fix Released Status in “xulrunner-1.9.2” package in Ubuntu: Invalid Status in “ca-certificates” source package in Lucid: Fix Released Status in “chromium-browser” source package in Lucid: Confirmed Status in “firefox” source package in Lucid: Fix Released Status in “nss” source package in Lucid: Fix Released Status in “qt4-x11” source package in Lucid: Fix Released Status in “seamonkey” source package in Lucid: Confirmed Status in “thunderbird” source package in Lucid: Fix Released Status in “xulrunner-1.9.2” source package in Lucid: Fix Released Status in “ca-certificates” source package in Maverick: Fix Released Status in “chromium-browser” source package in Maverick: Confirmed Status in “firefox” source package in Maverick: Fix Released Status in “nss” source package in Maverick: Fix Released Status in “qt4-x11” source package in Maverick: Fix Released Status in “seamonkey” source package in Maverick: Confirmed Status in “thunderbird” source package in Maverick: Fix Released Status in “xulrunner-1.9.2” source package in Maverick: Fix Released Status in “ca-certificates” source package in Natty: Fix Released Status in “chromium-browser” source package in Natty: Confirmed Status in “firefox” source package in Natty: Fix Released Status in “nss” source package in Natty: Fix Released Status in “qt4-x11” source package in Natty: Fix Released Status in “seamonkey” source package in Natty: Confirmed Status in “thunderbird” source package in Natty: Fix Released Status in “xulrunner-1.9.2” source package in Natty: Triaged Status in “ca-certificates” source package in Oneiric: Fix Released Status in “chromium-browser” source package in Oneiric: Confirmed Status in “firefox” source package in Oneiric: Fix Released Status in “nss” source package in Oneiric: Fix Released Status in “qt4-x11” source package in Oneiric: Fix Released Status in “seamonkey” source package in Oneiric: Confirmed Status in “thunderbird” source package in Oneiric: Fix Released Status in “xulrunner-1.9.2” source package in Oneiric: Invalid Status in “ca-certificates” package in Debian: Fix Released Bug description: USN Information: This is being tracked in USN-1197-* NOTE: The Firefox update causes a regression for certain Dutch sites which is being tracked in Bug #838322. NOTE #2: The current update for Thunderbird still shows the DigiNotar Root CA as trusted in the certificate manager. This is due to Thunderbird using the system version of NSS. In this initial update, Thunderbird will actively distrust any certificate signed by the DigiNotar Root CA. Future updates will properly show the root CA as distrusted in the certificate manager. WORKAROUND (from blog post): http://support.mozilla.com/en-US/kb/deleting-diginotar-ca-cert - http://blog.mozilla.com/security/2011/08/29/fraudulent-google-com- certificate/ Qt 4.7 blog post: http://labs.qt.nokia.com/2011/09/07/what-the- diginotar-security-breach-means-for-qt-users-continued/ To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/837557/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 837557] Re: fraudulent DigiNotar certificate issuance
** Branch linked: lp:firefox/stable -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to thunderbird in Ubuntu. https://bugs.launchpad.net/bugs/837557 Title: fraudulent DigiNotar certificate issuance Status in “ca-certificates” package in Ubuntu: Fix Released Status in “chromium-browser” package in Ubuntu: Confirmed Status in “firefox” package in Ubuntu: Fix Released Status in “nss” package in Ubuntu: Fix Released Status in “qt4-x11” package in Ubuntu: Fix Released Status in “seamonkey” package in Ubuntu: Confirmed Status in “thunderbird” package in Ubuntu: Fix Released Status in “xulrunner-1.9.2” package in Ubuntu: Invalid Status in “ca-certificates” source package in Lucid: Fix Released Status in “chromium-browser” source package in Lucid: Confirmed Status in “firefox” source package in Lucid: Fix Released Status in “nss” source package in Lucid: Fix Released Status in “qt4-x11” source package in Lucid: Fix Released Status in “seamonkey” source package in Lucid: Confirmed Status in “thunderbird” source package in Lucid: Fix Released Status in “xulrunner-1.9.2” source package in Lucid: Fix Released Status in “ca-certificates” source package in Maverick: Fix Released Status in “chromium-browser” source package in Maverick: Confirmed Status in “firefox” source package in Maverick: Fix Released Status in “nss” source package in Maverick: Fix Released Status in “qt4-x11” source package in Maverick: Fix Released Status in “seamonkey” source package in Maverick: Confirmed Status in “thunderbird” source package in Maverick: Fix Released Status in “xulrunner-1.9.2” source package in Maverick: Fix Released Status in “ca-certificates” source package in Natty: Fix Released Status in “chromium-browser” source package in Natty: Confirmed Status in “firefox” source package in Natty: Fix Released Status in “nss” source package in Natty: Fix Released Status in “qt4-x11” source package in Natty: Fix Released Status in “seamonkey” source package in Natty: Confirmed Status in “thunderbird” source package in Natty: Fix Released Status in “xulrunner-1.9.2” source package in Natty: Triaged Status in “ca-certificates” source package in Oneiric: Fix Released Status in “chromium-browser” source package in Oneiric: Confirmed Status in “firefox” source package in Oneiric: Fix Released Status in “nss” source package in Oneiric: Fix Released Status in “qt4-x11” source package in Oneiric: Fix Released Status in “seamonkey” source package in Oneiric: Confirmed Status in “thunderbird” source package in Oneiric: Fix Released Status in “xulrunner-1.9.2” source package in Oneiric: Invalid Status in “ca-certificates” package in Debian: Fix Released Bug description: USN Information: This is being tracked in USN-1197-* NOTE: The Firefox update causes a regression for certain Dutch sites which is being tracked in Bug #838322. NOTE #2: The current update for Thunderbird still shows the DigiNotar Root CA as trusted in the certificate manager. This is due to Thunderbird using the system version of NSS. In this initial update, Thunderbird will actively distrust any certificate signed by the DigiNotar Root CA. Future updates will properly show the root CA as distrusted in the certificate manager. WORKAROUND (from blog post): http://support.mozilla.com/en-US/kb/deleting-diginotar-ca-cert - http://blog.mozilla.com/security/2011/08/29/fraudulent-google-com- certificate/ Qt 4.7 blog post: http://labs.qt.nokia.com/2011/09/07/what-the- diginotar-security-breach-means-for-qt-users-continued/ To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/837557/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 837557] Re: fraudulent DigiNotar certificate issuance
This bug was fixed in the package qt4-x11 - 4:4.6.2-0ubuntu5.3 --- qt4-x11 (4:4.6.2-0ubuntu5.3) lucid-security; urgency=low * SECURITY UPDATE: Blacklist Diginotar root and intermediate certificates; Fraudulent certificates were mis-issued that could allow an attacker to monitor secure communication through a man-in-the-middle (MITM) attack - add debian/patches/kubuntu_31_blacklist_ssl_certificates_part2.diff - LP: #837557 -- Micah Gersten mic...@ubuntu.com Fri, 09 Sep 2011 18:36:48 -0500 ** Changed in: qt4-x11 (Ubuntu Lucid) Status: Fix Committed = Fix Released ** Changed in: qt4-x11 (Ubuntu Maverick) Status: Fix Committed = Fix Released -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to thunderbird in Ubuntu. https://bugs.launchpad.net/bugs/837557 Title: fraudulent DigiNotar certificate issuance Status in “ca-certificates” package in Ubuntu: Fix Released Status in “chromium-browser” package in Ubuntu: Confirmed Status in “firefox” package in Ubuntu: Fix Released Status in “nss” package in Ubuntu: Fix Released Status in “qt4-x11” package in Ubuntu: Fix Released Status in “seamonkey” package in Ubuntu: Confirmed Status in “thunderbird” package in Ubuntu: Fix Released Status in “xulrunner-1.9.2” package in Ubuntu: Invalid Status in “ca-certificates” source package in Lucid: Fix Released Status in “chromium-browser” source package in Lucid: Confirmed Status in “firefox” source package in Lucid: Fix Released Status in “nss” source package in Lucid: Fix Released Status in “qt4-x11” source package in Lucid: Fix Released Status in “seamonkey” source package in Lucid: Confirmed Status in “thunderbird” source package in Lucid: Fix Released Status in “xulrunner-1.9.2” source package in Lucid: Fix Released Status in “ca-certificates” source package in Maverick: Fix Released Status in “chromium-browser” source package in Maverick: Confirmed Status in “firefox” source package in Maverick: Fix Released Status in “nss” source package in Maverick: Fix Released Status in “qt4-x11” source package in Maverick: Fix Released Status in “seamonkey” source package in Maverick: Confirmed Status in “thunderbird” source package in Maverick: Fix Released Status in “xulrunner-1.9.2” source package in Maverick: Fix Released Status in “ca-certificates” source package in Natty: Fix Released Status in “chromium-browser” source package in Natty: Confirmed Status in “firefox” source package in Natty: Fix Released Status in “nss” source package in Natty: Fix Released Status in “qt4-x11” source package in Natty: Fix Released Status in “seamonkey” source package in Natty: Confirmed Status in “thunderbird” source package in Natty: Fix Released Status in “xulrunner-1.9.2” source package in Natty: Triaged Status in “ca-certificates” source package in Oneiric: Fix Released Status in “chromium-browser” source package in Oneiric: Confirmed Status in “firefox” source package in Oneiric: Fix Released Status in “nss” source package in Oneiric: Fix Released Status in “qt4-x11” source package in Oneiric: Fix Released Status in “seamonkey” source package in Oneiric: Confirmed Status in “thunderbird” source package in Oneiric: Fix Released Status in “xulrunner-1.9.2” source package in Oneiric: Invalid Status in “ca-certificates” package in Debian: Fix Released Bug description: USN Information: This is being tracked in USN-1197-* NOTE: The Firefox update causes a regression for certain Dutch sites which is being tracked in Bug #838322. NOTE #2: The current update for Thunderbird still shows the DigiNotar Root CA as trusted in the certificate manager. This is due to Thunderbird using the system version of NSS. In this initial update, Thunderbird will actively distrust any certificate signed by the DigiNotar Root CA. Future updates will properly show the root CA as distrusted in the certificate manager. WORKAROUND (from blog post): http://support.mozilla.com/en-US/kb/deleting-diginotar-ca-cert - http://blog.mozilla.com/security/2011/08/29/fraudulent-google-com- certificate/ Qt 4.7 blog post: http://labs.qt.nokia.com/2011/09/07/what-the- diginotar-security-breach-means-for-qt-users-continued/ To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/837557/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 837557] Re: fraudulent DigiNotar certificate issuance
This bug was fixed in the package qt4-x11 - 4:4.7.0-0ubuntu4.4 --- qt4-x11 (4:4.7.0-0ubuntu4.4) maverick-security; urgency=low * SECURITY UPDATE: Blacklist Diginotar root and intermediate certificates; Fraudulent certificates were mis-issued that could allow an attacker to monitor secure communication through a man-in-the-middle (MITM) attack - add debian/patches/kubuntu_31_blacklist_ssl_certificates_part2.diff - LP: #837557 -- Micah Gersten mic...@ubuntu.com Fri, 09 Sep 2011 15:43:49 -0500 ** Changed in: qt4-x11 (Ubuntu Natty) Status: Fix Committed = Fix Released -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to thunderbird in Ubuntu. https://bugs.launchpad.net/bugs/837557 Title: fraudulent DigiNotar certificate issuance Status in “ca-certificates” package in Ubuntu: Fix Released Status in “chromium-browser” package in Ubuntu: Confirmed Status in “firefox” package in Ubuntu: Fix Released Status in “nss” package in Ubuntu: Fix Released Status in “qt4-x11” package in Ubuntu: Fix Released Status in “seamonkey” package in Ubuntu: Confirmed Status in “thunderbird” package in Ubuntu: Fix Released Status in “xulrunner-1.9.2” package in Ubuntu: Invalid Status in “ca-certificates” source package in Lucid: Fix Released Status in “chromium-browser” source package in Lucid: Confirmed Status in “firefox” source package in Lucid: Fix Released Status in “nss” source package in Lucid: Fix Released Status in “qt4-x11” source package in Lucid: Fix Released Status in “seamonkey” source package in Lucid: Confirmed Status in “thunderbird” source package in Lucid: Fix Released Status in “xulrunner-1.9.2” source package in Lucid: Fix Released Status in “ca-certificates” source package in Maverick: Fix Released Status in “chromium-browser” source package in Maverick: Confirmed Status in “firefox” source package in Maverick: Fix Released Status in “nss” source package in Maverick: Fix Released Status in “qt4-x11” source package in Maverick: Fix Released Status in “seamonkey” source package in Maverick: Confirmed Status in “thunderbird” source package in Maverick: Fix Released Status in “xulrunner-1.9.2” source package in Maverick: Fix Released Status in “ca-certificates” source package in Natty: Fix Released Status in “chromium-browser” source package in Natty: Confirmed Status in “firefox” source package in Natty: Fix Released Status in “nss” source package in Natty: Fix Released Status in “qt4-x11” source package in Natty: Fix Released Status in “seamonkey” source package in Natty: Confirmed Status in “thunderbird” source package in Natty: Fix Released Status in “xulrunner-1.9.2” source package in Natty: Triaged Status in “ca-certificates” source package in Oneiric: Fix Released Status in “chromium-browser” source package in Oneiric: Confirmed Status in “firefox” source package in Oneiric: Fix Released Status in “nss” source package in Oneiric: Fix Released Status in “qt4-x11” source package in Oneiric: Fix Released Status in “seamonkey” source package in Oneiric: Confirmed Status in “thunderbird” source package in Oneiric: Fix Released Status in “xulrunner-1.9.2” source package in Oneiric: Invalid Status in “ca-certificates” package in Debian: Fix Released Bug description: USN Information: This is being tracked in USN-1197-* NOTE: The Firefox update causes a regression for certain Dutch sites which is being tracked in Bug #838322. NOTE #2: The current update for Thunderbird still shows the DigiNotar Root CA as trusted in the certificate manager. This is due to Thunderbird using the system version of NSS. In this initial update, Thunderbird will actively distrust any certificate signed by the DigiNotar Root CA. Future updates will properly show the root CA as distrusted in the certificate manager. WORKAROUND (from blog post): http://support.mozilla.com/en-US/kb/deleting-diginotar-ca-cert - http://blog.mozilla.com/security/2011/08/29/fraudulent-google-com- certificate/ Qt 4.7 blog post: http://labs.qt.nokia.com/2011/09/07/what-the- diginotar-security-breach-means-for-qt-users-continued/ To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/837557/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 837557] Re: fraudulent DigiNotar certificate issuance
This bug was fixed in the package qt4-x11 - 4:4.7.2-0ubuntu6.3 --- qt4-x11 (4:4.7.2-0ubuntu6.3) natty-security; urgency=low * SECURITY UPDATE: Blacklist Diginotar root and intermediate certificates; Fraudulent certificates were mis-issued that could allow an attacker to monitor secure communication through a man-in-the-middle (MITM) attack - add debian/patches/kubuntu_31_blacklist_ssl_certificates_part2.diff - LP: #837557 -- Micah Gersten mic...@ubuntu.com Fri, 09 Sep 2011 18:27:52 -0500 -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to thunderbird in Ubuntu. https://bugs.launchpad.net/bugs/837557 Title: fraudulent DigiNotar certificate issuance Status in “ca-certificates” package in Ubuntu: Fix Released Status in “chromium-browser” package in Ubuntu: Confirmed Status in “firefox” package in Ubuntu: Fix Released Status in “nss” package in Ubuntu: Fix Released Status in “qt4-x11” package in Ubuntu: Fix Released Status in “seamonkey” package in Ubuntu: Confirmed Status in “thunderbird” package in Ubuntu: Fix Released Status in “xulrunner-1.9.2” package in Ubuntu: Invalid Status in “ca-certificates” source package in Lucid: Fix Released Status in “chromium-browser” source package in Lucid: Confirmed Status in “firefox” source package in Lucid: Fix Released Status in “nss” source package in Lucid: Fix Released Status in “qt4-x11” source package in Lucid: Fix Released Status in “seamonkey” source package in Lucid: Confirmed Status in “thunderbird” source package in Lucid: Fix Released Status in “xulrunner-1.9.2” source package in Lucid: Fix Released Status in “ca-certificates” source package in Maverick: Fix Released Status in “chromium-browser” source package in Maverick: Confirmed Status in “firefox” source package in Maverick: Fix Released Status in “nss” source package in Maverick: Fix Released Status in “qt4-x11” source package in Maverick: Fix Released Status in “seamonkey” source package in Maverick: Confirmed Status in “thunderbird” source package in Maverick: Fix Released Status in “xulrunner-1.9.2” source package in Maverick: Fix Released Status in “ca-certificates” source package in Natty: Fix Released Status in “chromium-browser” source package in Natty: Confirmed Status in “firefox” source package in Natty: Fix Released Status in “nss” source package in Natty: Fix Released Status in “qt4-x11” source package in Natty: Fix Released Status in “seamonkey” source package in Natty: Confirmed Status in “thunderbird” source package in Natty: Fix Released Status in “xulrunner-1.9.2” source package in Natty: Triaged Status in “ca-certificates” source package in Oneiric: Fix Released Status in “chromium-browser” source package in Oneiric: Confirmed Status in “firefox” source package in Oneiric: Fix Released Status in “nss” source package in Oneiric: Fix Released Status in “qt4-x11” source package in Oneiric: Fix Released Status in “seamonkey” source package in Oneiric: Confirmed Status in “thunderbird” source package in Oneiric: Fix Released Status in “xulrunner-1.9.2” source package in Oneiric: Invalid Status in “ca-certificates” package in Debian: Fix Released Bug description: USN Information: This is being tracked in USN-1197-* NOTE: The Firefox update causes a regression for certain Dutch sites which is being tracked in Bug #838322. NOTE #2: The current update for Thunderbird still shows the DigiNotar Root CA as trusted in the certificate manager. This is due to Thunderbird using the system version of NSS. In this initial update, Thunderbird will actively distrust any certificate signed by the DigiNotar Root CA. Future updates will properly show the root CA as distrusted in the certificate manager. WORKAROUND (from blog post): http://support.mozilla.com/en-US/kb/deleting-diginotar-ca-cert - http://blog.mozilla.com/security/2011/08/29/fraudulent-google-com- certificate/ Qt 4.7 blog post: http://labs.qt.nokia.com/2011/09/07/what-the- diginotar-security-breach-means-for-qt-users-continued/ To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/837557/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 837557] Re: fraudulent DigiNotar certificate issuance
** Branch linked: lp:thunderbird/stable -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to thunderbird in Ubuntu. https://bugs.launchpad.net/bugs/837557 Title: fraudulent DigiNotar certificate issuance Status in “ca-certificates” package in Ubuntu: Fix Released Status in “chromium-browser” package in Ubuntu: Confirmed Status in “firefox” package in Ubuntu: Fix Released Status in “nss” package in Ubuntu: Fix Released Status in “qt4-x11” package in Ubuntu: Fix Released Status in “seamonkey” package in Ubuntu: Confirmed Status in “thunderbird” package in Ubuntu: Fix Released Status in “xulrunner-1.9.2” package in Ubuntu: Invalid Status in “ca-certificates” source package in Lucid: Fix Released Status in “chromium-browser” source package in Lucid: Confirmed Status in “firefox” source package in Lucid: Fix Released Status in “nss” source package in Lucid: Fix Released Status in “qt4-x11” source package in Lucid: Fix Committed Status in “seamonkey” source package in Lucid: Confirmed Status in “thunderbird” source package in Lucid: Fix Released Status in “xulrunner-1.9.2” source package in Lucid: Fix Released Status in “ca-certificates” source package in Maverick: Fix Released Status in “chromium-browser” source package in Maverick: Confirmed Status in “firefox” source package in Maverick: Fix Released Status in “nss” source package in Maverick: Fix Released Status in “qt4-x11” source package in Maverick: Fix Committed Status in “seamonkey” source package in Maverick: Confirmed Status in “thunderbird” source package in Maverick: Fix Released Status in “xulrunner-1.9.2” source package in Maverick: Fix Released Status in “ca-certificates” source package in Natty: Fix Released Status in “chromium-browser” source package in Natty: Confirmed Status in “firefox” source package in Natty: Fix Released Status in “nss” source package in Natty: Fix Released Status in “qt4-x11” source package in Natty: Fix Committed Status in “seamonkey” source package in Natty: Confirmed Status in “thunderbird” source package in Natty: Fix Released Status in “xulrunner-1.9.2” source package in Natty: Triaged Status in “ca-certificates” source package in Oneiric: Fix Released Status in “chromium-browser” source package in Oneiric: Confirmed Status in “firefox” source package in Oneiric: Fix Released Status in “nss” source package in Oneiric: Fix Released Status in “qt4-x11” source package in Oneiric: Fix Released Status in “seamonkey” source package in Oneiric: Confirmed Status in “thunderbird” source package in Oneiric: Fix Released Status in “xulrunner-1.9.2” source package in Oneiric: Invalid Status in “ca-certificates” package in Debian: Fix Released Bug description: USN Information: This is being tracked in USN-1197-* NOTE: The Firefox update causes a regression for certain Dutch sites which is being tracked in Bug #838322. NOTE #2: The current update for Thunderbird still shows the DigiNotar Root CA as trusted in the certificate manager. This is due to Thunderbird using the system version of NSS. In this initial update, Thunderbird will actively distrust any certificate signed by the DigiNotar Root CA. Future updates will properly show the root CA as distrusted in the certificate manager. WORKAROUND (from blog post): http://support.mozilla.com/en-US/kb/deleting-diginotar-ca-cert - http://blog.mozilla.com/security/2011/08/29/fraudulent-google-com- certificate/ Qt 4.7 blog post: http://labs.qt.nokia.com/2011/09/07/what-the- diginotar-security-breach-means-for-qt-users-continued/ To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/837557/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 837557] Re: fraudulent DigiNotar certificate issuance
Please don't change bug watches without a comment. ** Changed in: ca-certificates (Debian) Importance: Undecided = Unknown ** Changed in: ca-certificates (Debian) Status: New = Unknown ** Changed in: ca-certificates (Debian) Remote watch: None = Debian Bug tracker #639744 -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to thunderbird in Ubuntu. https://bugs.launchpad.net/bugs/837557 Title: fraudulent DigiNotar certificate issuance Status in “ca-certificates” package in Ubuntu: Fix Released Status in “chromium-browser” package in Ubuntu: Confirmed Status in “firefox” package in Ubuntu: Fix Released Status in “nss” package in Ubuntu: Fix Released Status in “qt4-x11” package in Ubuntu: Fix Released Status in “seamonkey” package in Ubuntu: Confirmed Status in “thunderbird” package in Ubuntu: Fix Released Status in “xulrunner-1.9.2” package in Ubuntu: Invalid Status in “ca-certificates” source package in Lucid: Fix Released Status in “chromium-browser” source package in Lucid: Confirmed Status in “firefox” source package in Lucid: Fix Released Status in “nss” source package in Lucid: Fix Released Status in “qt4-x11” source package in Lucid: Fix Committed Status in “seamonkey” source package in Lucid: Confirmed Status in “thunderbird” source package in Lucid: Fix Released Status in “xulrunner-1.9.2” source package in Lucid: Fix Released Status in “ca-certificates” source package in Maverick: Fix Released Status in “chromium-browser” source package in Maverick: Confirmed Status in “firefox” source package in Maverick: Fix Released Status in “nss” source package in Maverick: Fix Released Status in “qt4-x11” source package in Maverick: Fix Committed Status in “seamonkey” source package in Maverick: Confirmed Status in “thunderbird” source package in Maverick: Fix Released Status in “xulrunner-1.9.2” source package in Maverick: Fix Released Status in “ca-certificates” source package in Natty: Fix Released Status in “chromium-browser” source package in Natty: Confirmed Status in “firefox” source package in Natty: Fix Released Status in “nss” source package in Natty: Fix Released Status in “qt4-x11” source package in Natty: Fix Committed Status in “seamonkey” source package in Natty: Confirmed Status in “thunderbird” source package in Natty: Fix Released Status in “xulrunner-1.9.2” source package in Natty: Triaged Status in “ca-certificates” source package in Oneiric: Fix Released Status in “chromium-browser” source package in Oneiric: Confirmed Status in “firefox” source package in Oneiric: Fix Released Status in “nss” source package in Oneiric: Fix Released Status in “qt4-x11” source package in Oneiric: Fix Released Status in “seamonkey” source package in Oneiric: Confirmed Status in “thunderbird” source package in Oneiric: Fix Released Status in “xulrunner-1.9.2” source package in Oneiric: Invalid Status in “ca-certificates” package in Debian: Unknown Bug description: USN Information: This is being tracked in USN-1197-* NOTE: The Firefox update causes a regression for certain Dutch sites which is being tracked in Bug #838322. NOTE #2: The current update for Thunderbird still shows the DigiNotar Root CA as trusted in the certificate manager. This is due to Thunderbird using the system version of NSS. In this initial update, Thunderbird will actively distrust any certificate signed by the DigiNotar Root CA. Future updates will properly show the root CA as distrusted in the certificate manager. WORKAROUND (from blog post): http://support.mozilla.com/en-US/kb/deleting-diginotar-ca-cert - http://blog.mozilla.com/security/2011/08/29/fraudulent-google-com- certificate/ Qt 4.7 blog post: http://labs.qt.nokia.com/2011/09/07/what-the- diginotar-security-breach-means-for-qt-users-continued/ To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/837557/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 837557] Re: fraudulent DigiNotar certificate issuance
** Changed in: ca-certificates (Debian) Status: Unknown = Fix Released -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to thunderbird in Ubuntu. https://bugs.launchpad.net/bugs/837557 Title: fraudulent DigiNotar certificate issuance Status in “ca-certificates” package in Ubuntu: Fix Released Status in “chromium-browser” package in Ubuntu: Confirmed Status in “firefox” package in Ubuntu: Fix Released Status in “nss” package in Ubuntu: Fix Released Status in “qt4-x11” package in Ubuntu: Fix Released Status in “seamonkey” package in Ubuntu: Confirmed Status in “thunderbird” package in Ubuntu: Fix Released Status in “xulrunner-1.9.2” package in Ubuntu: Invalid Status in “ca-certificates” source package in Lucid: Fix Released Status in “chromium-browser” source package in Lucid: Confirmed Status in “firefox” source package in Lucid: Fix Released Status in “nss” source package in Lucid: Fix Released Status in “qt4-x11” source package in Lucid: Fix Committed Status in “seamonkey” source package in Lucid: Confirmed Status in “thunderbird” source package in Lucid: Fix Released Status in “xulrunner-1.9.2” source package in Lucid: Fix Released Status in “ca-certificates” source package in Maverick: Fix Released Status in “chromium-browser” source package in Maverick: Confirmed Status in “firefox” source package in Maverick: Fix Released Status in “nss” source package in Maverick: Fix Released Status in “qt4-x11” source package in Maverick: Fix Committed Status in “seamonkey” source package in Maverick: Confirmed Status in “thunderbird” source package in Maverick: Fix Released Status in “xulrunner-1.9.2” source package in Maverick: Fix Released Status in “ca-certificates” source package in Natty: Fix Released Status in “chromium-browser” source package in Natty: Confirmed Status in “firefox” source package in Natty: Fix Released Status in “nss” source package in Natty: Fix Released Status in “qt4-x11” source package in Natty: Fix Committed Status in “seamonkey” source package in Natty: Confirmed Status in “thunderbird” source package in Natty: Fix Released Status in “xulrunner-1.9.2” source package in Natty: Triaged Status in “ca-certificates” source package in Oneiric: Fix Released Status in “chromium-browser” source package in Oneiric: Confirmed Status in “firefox” source package in Oneiric: Fix Released Status in “nss” source package in Oneiric: Fix Released Status in “qt4-x11” source package in Oneiric: Fix Released Status in “seamonkey” source package in Oneiric: Confirmed Status in “thunderbird” source package in Oneiric: Fix Released Status in “xulrunner-1.9.2” source package in Oneiric: Invalid Status in “ca-certificates” package in Debian: Fix Released Bug description: USN Information: This is being tracked in USN-1197-* NOTE: The Firefox update causes a regression for certain Dutch sites which is being tracked in Bug #838322. NOTE #2: The current update for Thunderbird still shows the DigiNotar Root CA as trusted in the certificate manager. This is due to Thunderbird using the system version of NSS. In this initial update, Thunderbird will actively distrust any certificate signed by the DigiNotar Root CA. Future updates will properly show the root CA as distrusted in the certificate manager. WORKAROUND (from blog post): http://support.mozilla.com/en-US/kb/deleting-diginotar-ca-cert - http://blog.mozilla.com/security/2011/08/29/fraudulent-google-com- certificate/ Qt 4.7 blog post: http://labs.qt.nokia.com/2011/09/07/what-the- diginotar-security-breach-means-for-qt-users-continued/ To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/837557/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 837557] Re: fraudulent DigiNotar certificate issuance
This bug was fixed in the package qt4-x11 - 4:4.7.4-0ubuntu1 --- qt4-x11 (4:4.7.4-0ubuntu1) oneiric; urgency=low * New upstream release (LP: #839557, #785318) * debian/patches/Add_support_for_QT_USE_DRAG_DISTANCE_env_var.patch, debian/patches/a11y_qt_and_qml_backport.diff, debian/patches/qtdebug_syslog.patch, debian/patches/kubuntu_12_fix_stack_protector.diff, debian/patches/kubuntu_28_xi2.1.patch: - adapt to new upstream version * Fix_GL_problems_on_stock_1.4_SGX_drivers.patch, Fixed_missing_text_when_using_static_text_items_in_GL_2_engine.patch, Prevent_recursion_when_creating_window_surface.patch, kubuntu_24_large_qtreeview.diff, kubuntu_27_dbus_signal_filter_passes_not_handled.diff: - removed, part of the upstream tarball now * debian/patches/kubuntu_15_appmenu.diff: - updated to take a version closer to the upstreamed 4.8 one. Is compatible with incoming appmenu-qt 0.2.2 (LP: #838115) * debian/libqt4-declarative.install: - libtcpserver.so has been renamed libqmldbg_tcp.so * debian/control, debian/libqt4-declarative-shaders.install: - add the new shaders package. Use the same suggests/recommends pattern than other declarative-* plugins * debian/patches/blacklist-diginotar-certs.diff: - add DigiNotar securty breach blacklist (LP: #837557) -- Didier Roche didro...@ubuntu.com Thu, 08 Sep 2011 11:33:52 +0200 ** Changed in: qt4-x11 (Ubuntu Oneiric) Status: Triaged = Fix Released -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to thunderbird in Ubuntu. https://bugs.launchpad.net/bugs/837557 Title: fraudulent DigiNotar certificate issuance Status in “ca-certificates” package in Ubuntu: Fix Released Status in “chromium-browser” package in Ubuntu: Confirmed Status in “firefox” package in Ubuntu: Fix Released Status in “nss” package in Ubuntu: Confirmed Status in “qt4-x11” package in Ubuntu: Fix Released Status in “seamonkey” package in Ubuntu: Confirmed Status in “thunderbird” package in Ubuntu: Fix Released Status in “xulrunner-1.9.2” package in Ubuntu: Invalid Status in “ca-certificates” source package in Lucid: Fix Released Status in “chromium-browser” source package in Lucid: Confirmed Status in “firefox” source package in Lucid: Fix Released Status in “nss” source package in Lucid: Fix Released Status in “qt4-x11” source package in Lucid: Confirmed Status in “seamonkey” source package in Lucid: Confirmed Status in “thunderbird” source package in Lucid: Fix Released Status in “xulrunner-1.9.2” source package in Lucid: Fix Released Status in “ca-certificates” source package in Maverick: Fix Released Status in “chromium-browser” source package in Maverick: Confirmed Status in “firefox” source package in Maverick: Fix Released Status in “nss” source package in Maverick: Fix Released Status in “qt4-x11” source package in Maverick: In Progress Status in “seamonkey” source package in Maverick: Confirmed Status in “thunderbird” source package in Maverick: Fix Released Status in “xulrunner-1.9.2” source package in Maverick: Fix Released Status in “ca-certificates” source package in Natty: Fix Released Status in “chromium-browser” source package in Natty: Confirmed Status in “firefox” source package in Natty: Fix Released Status in “nss” source package in Natty: Fix Released Status in “qt4-x11” source package in Natty: In Progress Status in “seamonkey” source package in Natty: Confirmed Status in “thunderbird” source package in Natty: Fix Released Status in “xulrunner-1.9.2” source package in Natty: Triaged Status in “ca-certificates” source package in Oneiric: Fix Released Status in “chromium-browser” source package in Oneiric: Confirmed Status in “firefox” source package in Oneiric: Fix Released Status in “nss” source package in Oneiric: Confirmed Status in “qt4-x11” source package in Oneiric: Fix Released Status in “seamonkey” source package in Oneiric: Confirmed Status in “thunderbird” source package in Oneiric: Fix Released Status in “xulrunner-1.9.2” source package in Oneiric: Invalid Status in “ca-certificates” package in Debian: Fix Released Bug description: USN Information: This is being tracked in USN-1197-* NOTE: The Firefox update causes a regression for certain Dutch sites which is being tracked in Bug #838322. NOTE #2: The current update for Thunderbird still shows the DigiNotar Root CA as trusted in the certificate manager. This is due to Thunderbird using the system version of NSS. In this initial update, Thunderbird will actively distrust any certificate signed by the DigiNotar Root CA. Future updates will properly show the root CA as distrusted in the certificate manager. WORKAROUND (from blog post): http://support.mozilla.com/en-US/kb/deleting-diginotar-ca-cert -
[Desktop-packages] [Bug 837557] Re: fraudulent DigiNotar certificate issuance
** Branch linked: lp:ubuntu/qt4-x11 -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to thunderbird in Ubuntu. https://bugs.launchpad.net/bugs/837557 Title: fraudulent DigiNotar certificate issuance Status in “ca-certificates” package in Ubuntu: Fix Released Status in “chromium-browser” package in Ubuntu: Confirmed Status in “firefox” package in Ubuntu: Fix Released Status in “nss” package in Ubuntu: Confirmed Status in “qt4-x11” package in Ubuntu: Fix Released Status in “seamonkey” package in Ubuntu: Confirmed Status in “thunderbird” package in Ubuntu: Fix Released Status in “xulrunner-1.9.2” package in Ubuntu: Invalid Status in “ca-certificates” source package in Lucid: Fix Released Status in “chromium-browser” source package in Lucid: Confirmed Status in “firefox” source package in Lucid: Fix Released Status in “nss” source package in Lucid: Fix Released Status in “qt4-x11” source package in Lucid: Confirmed Status in “seamonkey” source package in Lucid: Confirmed Status in “thunderbird” source package in Lucid: Fix Released Status in “xulrunner-1.9.2” source package in Lucid: Fix Released Status in “ca-certificates” source package in Maverick: Fix Released Status in “chromium-browser” source package in Maverick: Confirmed Status in “firefox” source package in Maverick: Fix Released Status in “nss” source package in Maverick: Fix Released Status in “qt4-x11” source package in Maverick: In Progress Status in “seamonkey” source package in Maverick: Confirmed Status in “thunderbird” source package in Maverick: Fix Released Status in “xulrunner-1.9.2” source package in Maverick: Fix Released Status in “ca-certificates” source package in Natty: Fix Released Status in “chromium-browser” source package in Natty: Confirmed Status in “firefox” source package in Natty: Fix Released Status in “nss” source package in Natty: Fix Released Status in “qt4-x11” source package in Natty: In Progress Status in “seamonkey” source package in Natty: Confirmed Status in “thunderbird” source package in Natty: Fix Released Status in “xulrunner-1.9.2” source package in Natty: Triaged Status in “ca-certificates” source package in Oneiric: Fix Released Status in “chromium-browser” source package in Oneiric: Confirmed Status in “firefox” source package in Oneiric: Fix Released Status in “nss” source package in Oneiric: Confirmed Status in “qt4-x11” source package in Oneiric: Fix Released Status in “seamonkey” source package in Oneiric: Confirmed Status in “thunderbird” source package in Oneiric: Fix Released Status in “xulrunner-1.9.2” source package in Oneiric: Invalid Status in “ca-certificates” package in Debian: Fix Released Bug description: USN Information: This is being tracked in USN-1197-* NOTE: The Firefox update causes a regression for certain Dutch sites which is being tracked in Bug #838322. NOTE #2: The current update for Thunderbird still shows the DigiNotar Root CA as trusted in the certificate manager. This is due to Thunderbird using the system version of NSS. In this initial update, Thunderbird will actively distrust any certificate signed by the DigiNotar Root CA. Future updates will properly show the root CA as distrusted in the certificate manager. WORKAROUND (from blog post): http://support.mozilla.com/en-US/kb/deleting-diginotar-ca-cert - http://blog.mozilla.com/security/2011/08/29/fraudulent-google-com- certificate/ Qt 4.7 blog post: http://labs.qt.nokia.com/2011/09/07/what-the- diginotar-security-breach-means-for-qt-users-continued/ To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/837557/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 837557] Re: fraudulent DigiNotar certificate issuance
This bug was fixed in the package nss - 3.12.9+ckbi-1.82-0ubuntu5 --- nss (3.12.9+ckbi-1.82-0ubuntu5) oneiric; urgency=low * SECURITY UPDATE: Add patch from Debian version 3.12.11-3 rebased against 3.12.9 to remove the DigiNotar certificates and actively distrust them; Thanks to Mike Hommey from Debian for the original patch (LP: #837557) - mozilla/security/nss/lib/ckfw/builtins/certdata.*: Explicitely distrust various DigiNotar CAs: - DigiNotar Root CA - DigiNotar Services 1024 CA - DigiNotar Cyber CA - DigiNotar Cyber CA 2nd - DigiNotar PKIoverheid - DigiNotar PKIoverheid G2 - mozilla/security/nss/lib/ckfw/builtins/certdata.*: Remove DigiNotar Root CA. * Add a symlink from Linux2.6.mk to Linux3.0.mk; This is a temporary hack to let NSS build on a 3.0.x kernel - update debian/rules -- Micah Gersten mic...@ubuntu.com Fri, 09 Sep 2011 11:57:13 -0500 ** Changed in: nss (Ubuntu Oneiric) Status: Confirmed = Fix Released -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to thunderbird in Ubuntu. https://bugs.launchpad.net/bugs/837557 Title: fraudulent DigiNotar certificate issuance Status in “ca-certificates” package in Ubuntu: Fix Released Status in “chromium-browser” package in Ubuntu: Confirmed Status in “firefox” package in Ubuntu: Fix Released Status in “nss” package in Ubuntu: Fix Released Status in “qt4-x11” package in Ubuntu: Fix Released Status in “seamonkey” package in Ubuntu: Confirmed Status in “thunderbird” package in Ubuntu: Fix Released Status in “xulrunner-1.9.2” package in Ubuntu: Invalid Status in “ca-certificates” source package in Lucid: Fix Released Status in “chromium-browser” source package in Lucid: Confirmed Status in “firefox” source package in Lucid: Fix Released Status in “nss” source package in Lucid: Fix Released Status in “qt4-x11” source package in Lucid: Confirmed Status in “seamonkey” source package in Lucid: Confirmed Status in “thunderbird” source package in Lucid: Fix Released Status in “xulrunner-1.9.2” source package in Lucid: Fix Released Status in “ca-certificates” source package in Maverick: Fix Released Status in “chromium-browser” source package in Maverick: Confirmed Status in “firefox” source package in Maverick: Fix Released Status in “nss” source package in Maverick: Fix Released Status in “qt4-x11” source package in Maverick: In Progress Status in “seamonkey” source package in Maverick: Confirmed Status in “thunderbird” source package in Maverick: Fix Released Status in “xulrunner-1.9.2” source package in Maverick: Fix Released Status in “ca-certificates” source package in Natty: Fix Released Status in “chromium-browser” source package in Natty: Confirmed Status in “firefox” source package in Natty: Fix Released Status in “nss” source package in Natty: Fix Released Status in “qt4-x11” source package in Natty: In Progress Status in “seamonkey” source package in Natty: Confirmed Status in “thunderbird” source package in Natty: Fix Released Status in “xulrunner-1.9.2” source package in Natty: Triaged Status in “ca-certificates” source package in Oneiric: Fix Released Status in “chromium-browser” source package in Oneiric: Confirmed Status in “firefox” source package in Oneiric: Fix Released Status in “nss” source package in Oneiric: Fix Released Status in “qt4-x11” source package in Oneiric: Fix Released Status in “seamonkey” source package in Oneiric: Confirmed Status in “thunderbird” source package in Oneiric: Fix Released Status in “xulrunner-1.9.2” source package in Oneiric: Invalid Status in “ca-certificates” package in Debian: Fix Released Bug description: USN Information: This is being tracked in USN-1197-* NOTE: The Firefox update causes a regression for certain Dutch sites which is being tracked in Bug #838322. NOTE #2: The current update for Thunderbird still shows the DigiNotar Root CA as trusted in the certificate manager. This is due to Thunderbird using the system version of NSS. In this initial update, Thunderbird will actively distrust any certificate signed by the DigiNotar Root CA. Future updates will properly show the root CA as distrusted in the certificate manager. WORKAROUND (from blog post): http://support.mozilla.com/en-US/kb/deleting-diginotar-ca-cert - http://blog.mozilla.com/security/2011/08/29/fraudulent-google-com- certificate/ Qt 4.7 blog post: http://labs.qt.nokia.com/2011/09/07/what-the- diginotar-security-breach-means-for-qt-users-continued/ To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/837557/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe :
[Desktop-packages] [Bug 837557] Re: fraudulent DigiNotar certificate issuance
Lucid, Maverick, and Natty builds of qt4-x11 will be available in ubuntu-security-proposed in several hours for anyone who is interested ** Changed in: nss (Ubuntu Oneiric) Assignee: (unassigned) = Micah Gersten (micahg) ** Changed in: qt4-x11 (Ubuntu Maverick) Status: In Progress = Fix Committed ** Changed in: qt4-x11 (Ubuntu Natty) Status: In Progress = Fix Committed -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to thunderbird in Ubuntu. https://bugs.launchpad.net/bugs/837557 Title: fraudulent DigiNotar certificate issuance Status in “ca-certificates” package in Ubuntu: Fix Released Status in “chromium-browser” package in Ubuntu: Confirmed Status in “firefox” package in Ubuntu: Fix Released Status in “nss” package in Ubuntu: Fix Released Status in “qt4-x11” package in Ubuntu: Fix Released Status in “seamonkey” package in Ubuntu: Confirmed Status in “thunderbird” package in Ubuntu: Fix Released Status in “xulrunner-1.9.2” package in Ubuntu: Invalid Status in “ca-certificates” source package in Lucid: Fix Released Status in “chromium-browser” source package in Lucid: Confirmed Status in “firefox” source package in Lucid: Fix Released Status in “nss” source package in Lucid: Fix Released Status in “qt4-x11” source package in Lucid: Fix Committed Status in “seamonkey” source package in Lucid: Confirmed Status in “thunderbird” source package in Lucid: Fix Released Status in “xulrunner-1.9.2” source package in Lucid: Fix Released Status in “ca-certificates” source package in Maverick: Fix Released Status in “chromium-browser” source package in Maverick: Confirmed Status in “firefox” source package in Maverick: Fix Released Status in “nss” source package in Maverick: Fix Released Status in “qt4-x11” source package in Maverick: Fix Committed Status in “seamonkey” source package in Maverick: Confirmed Status in “thunderbird” source package in Maverick: Fix Released Status in “xulrunner-1.9.2” source package in Maverick: Fix Released Status in “ca-certificates” source package in Natty: Fix Released Status in “chromium-browser” source package in Natty: Confirmed Status in “firefox” source package in Natty: Fix Released Status in “nss” source package in Natty: Fix Released Status in “qt4-x11” source package in Natty: Fix Committed Status in “seamonkey” source package in Natty: Confirmed Status in “thunderbird” source package in Natty: Fix Released Status in “xulrunner-1.9.2” source package in Natty: Triaged Status in “ca-certificates” source package in Oneiric: Fix Released Status in “chromium-browser” source package in Oneiric: Confirmed Status in “firefox” source package in Oneiric: Fix Released Status in “nss” source package in Oneiric: Fix Released Status in “qt4-x11” source package in Oneiric: Fix Released Status in “seamonkey” source package in Oneiric: Confirmed Status in “thunderbird” source package in Oneiric: Fix Released Status in “xulrunner-1.9.2” source package in Oneiric: Invalid Status in “ca-certificates” package in Debian: Fix Released Bug description: USN Information: This is being tracked in USN-1197-* NOTE: The Firefox update causes a regression for certain Dutch sites which is being tracked in Bug #838322. NOTE #2: The current update for Thunderbird still shows the DigiNotar Root CA as trusted in the certificate manager. This is due to Thunderbird using the system version of NSS. In this initial update, Thunderbird will actively distrust any certificate signed by the DigiNotar Root CA. Future updates will properly show the root CA as distrusted in the certificate manager. WORKAROUND (from blog post): http://support.mozilla.com/en-US/kb/deleting-diginotar-ca-cert - http://blog.mozilla.com/security/2011/08/29/fraudulent-google-com- certificate/ Qt 4.7 blog post: http://labs.qt.nokia.com/2011/09/07/what-the- diginotar-security-breach-means-for-qt-users-continued/ To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/837557/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 837557] Re: fraudulent DigiNotar certificate issuance
While Lucid doesn't have the DigiNotar root CA, we can still blacklist like we did for Comodo. ** Changed in: qt4-x11 (Ubuntu Lucid) Status: Confirmed = Fix Committed ** Changed in: qt4-x11 (Ubuntu Lucid) Assignee: (unassigned) = Micah Gersten (micahg) -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to thunderbird in Ubuntu. https://bugs.launchpad.net/bugs/837557 Title: fraudulent DigiNotar certificate issuance Status in “ca-certificates” package in Ubuntu: Fix Released Status in “chromium-browser” package in Ubuntu: Confirmed Status in “firefox” package in Ubuntu: Fix Released Status in “nss” package in Ubuntu: Fix Released Status in “qt4-x11” package in Ubuntu: Fix Released Status in “seamonkey” package in Ubuntu: Confirmed Status in “thunderbird” package in Ubuntu: Fix Released Status in “xulrunner-1.9.2” package in Ubuntu: Invalid Status in “ca-certificates” source package in Lucid: Fix Released Status in “chromium-browser” source package in Lucid: Confirmed Status in “firefox” source package in Lucid: Fix Released Status in “nss” source package in Lucid: Fix Released Status in “qt4-x11” source package in Lucid: Fix Committed Status in “seamonkey” source package in Lucid: Confirmed Status in “thunderbird” source package in Lucid: Fix Released Status in “xulrunner-1.9.2” source package in Lucid: Fix Released Status in “ca-certificates” source package in Maverick: Fix Released Status in “chromium-browser” source package in Maverick: Confirmed Status in “firefox” source package in Maverick: Fix Released Status in “nss” source package in Maverick: Fix Released Status in “qt4-x11” source package in Maverick: Fix Committed Status in “seamonkey” source package in Maverick: Confirmed Status in “thunderbird” source package in Maverick: Fix Released Status in “xulrunner-1.9.2” source package in Maverick: Fix Released Status in “ca-certificates” source package in Natty: Fix Released Status in “chromium-browser” source package in Natty: Confirmed Status in “firefox” source package in Natty: Fix Released Status in “nss” source package in Natty: Fix Released Status in “qt4-x11” source package in Natty: Fix Committed Status in “seamonkey” source package in Natty: Confirmed Status in “thunderbird” source package in Natty: Fix Released Status in “xulrunner-1.9.2” source package in Natty: Triaged Status in “ca-certificates” source package in Oneiric: Fix Released Status in “chromium-browser” source package in Oneiric: Confirmed Status in “firefox” source package in Oneiric: Fix Released Status in “nss” source package in Oneiric: Fix Released Status in “qt4-x11” source package in Oneiric: Fix Released Status in “seamonkey” source package in Oneiric: Confirmed Status in “thunderbird” source package in Oneiric: Fix Released Status in “xulrunner-1.9.2” source package in Oneiric: Invalid Status in “ca-certificates” package in Debian: Fix Released Bug description: USN Information: This is being tracked in USN-1197-* NOTE: The Firefox update causes a regression for certain Dutch sites which is being tracked in Bug #838322. NOTE #2: The current update for Thunderbird still shows the DigiNotar Root CA as trusted in the certificate manager. This is due to Thunderbird using the system version of NSS. In this initial update, Thunderbird will actively distrust any certificate signed by the DigiNotar Root CA. Future updates will properly show the root CA as distrusted in the certificate manager. WORKAROUND (from blog post): http://support.mozilla.com/en-US/kb/deleting-diginotar-ca-cert - http://blog.mozilla.com/security/2011/08/29/fraudulent-google-com- certificate/ Qt 4.7 blog post: http://labs.qt.nokia.com/2011/09/07/what-the- diginotar-security-breach-means-for-qt-users-continued/ To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/837557/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 837557] Re: fraudulent DigiNotar certificate issuance
** Branch linked: lp:~kubuntu-packagers/kubuntu-packaging/qt -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to thunderbird in Ubuntu. https://bugs.launchpad.net/bugs/837557 Title: fraudulent DigiNotar certificate issuance Status in “ca-certificates” package in Ubuntu: Fix Released Status in “chromium-browser” package in Ubuntu: Confirmed Status in “firefox” package in Ubuntu: Fix Released Status in “nss” package in Ubuntu: Confirmed Status in “qt4-x11” package in Ubuntu: Triaged Status in “seamonkey” package in Ubuntu: Confirmed Status in “thunderbird” package in Ubuntu: Fix Released Status in “xulrunner-1.9.2” package in Ubuntu: Invalid Status in “ca-certificates” source package in Lucid: Fix Committed Status in “chromium-browser” source package in Lucid: Confirmed Status in “firefox” source package in Lucid: Fix Released Status in “nss” source package in Lucid: In Progress Status in “qt4-x11” source package in Lucid: Confirmed Status in “seamonkey” source package in Lucid: Confirmed Status in “thunderbird” source package in Lucid: Fix Released Status in “xulrunner-1.9.2” source package in Lucid: Fix Released Status in “ca-certificates” source package in Maverick: Fix Committed Status in “chromium-browser” source package in Maverick: Confirmed Status in “firefox” source package in Maverick: Fix Released Status in “nss” source package in Maverick: In Progress Status in “qt4-x11” source package in Maverick: In Progress Status in “seamonkey” source package in Maverick: Confirmed Status in “thunderbird” source package in Maverick: Fix Released Status in “xulrunner-1.9.2” source package in Maverick: Fix Released Status in “ca-certificates” source package in Natty: Fix Committed Status in “chromium-browser” source package in Natty: Confirmed Status in “firefox” source package in Natty: Fix Released Status in “nss” source package in Natty: In Progress Status in “qt4-x11” source package in Natty: In Progress Status in “seamonkey” source package in Natty: Confirmed Status in “thunderbird” source package in Natty: Fix Released Status in “xulrunner-1.9.2” source package in Natty: Triaged Status in “ca-certificates” source package in Oneiric: Fix Released Status in “chromium-browser” source package in Oneiric: Confirmed Status in “firefox” source package in Oneiric: Fix Released Status in “nss” source package in Oneiric: Confirmed Status in “qt4-x11” source package in Oneiric: Triaged Status in “seamonkey” source package in Oneiric: Confirmed Status in “thunderbird” source package in Oneiric: Fix Released Status in “xulrunner-1.9.2” source package in Oneiric: Invalid Status in “ca-certificates” package in Debian: Fix Released Bug description: USN Information: This is being tracked in USN-1197-* NOTE: The Firefox update causes a regression for certain Dutch sites which is being tracked in Bug #838322. NOTE #2: The current update for Thunderbird still shows the DigiNotar Root CA as trusted in the certificate manager. This is due to Thunderbird using the system version of NSS. In this initial update, Thunderbird will actively distrust any certificate signed by the DigiNotar Root CA. Future updates will properly show the root CA as distrusted in the certificate manager. WORKAROUND (from blog post): http://support.mozilla.com/en-US/kb/deleting-diginotar-ca-cert - http://blog.mozilla.com/security/2011/08/29/fraudulent-google-com- certificate/ Qt 4.7 blog post: http://labs.qt.nokia.com/2011/09/07/what-the- diginotar-security-breach-means-for-qt-users-continued/ To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/837557/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 837557] Re: fraudulent DigiNotar certificate issuance
Hi, For the very old Seamonkey 2.0 : http://support.mozilla.com/fr/kb /supprimer-certificat-diginotar-ca -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to thunderbird in Ubuntu. https://bugs.launchpad.net/bugs/837557 Title: fraudulent DigiNotar certificate issuance Status in “ca-certificates” package in Ubuntu: Fix Released Status in “chromium-browser” package in Ubuntu: Confirmed Status in “firefox” package in Ubuntu: Fix Released Status in “nss” package in Ubuntu: Confirmed Status in “qt4-x11” package in Ubuntu: Triaged Status in “seamonkey” package in Ubuntu: Confirmed Status in “thunderbird” package in Ubuntu: Fix Released Status in “xulrunner-1.9.2” package in Ubuntu: Invalid Status in “ca-certificates” source package in Lucid: Fix Committed Status in “chromium-browser” source package in Lucid: Confirmed Status in “firefox” source package in Lucid: Fix Released Status in “nss” source package in Lucid: In Progress Status in “qt4-x11” source package in Lucid: Confirmed Status in “seamonkey” source package in Lucid: Confirmed Status in “thunderbird” source package in Lucid: Fix Released Status in “xulrunner-1.9.2” source package in Lucid: Fix Released Status in “ca-certificates” source package in Maverick: Fix Committed Status in “chromium-browser” source package in Maverick: Confirmed Status in “firefox” source package in Maverick: Fix Released Status in “nss” source package in Maverick: In Progress Status in “qt4-x11” source package in Maverick: In Progress Status in “seamonkey” source package in Maverick: Confirmed Status in “thunderbird” source package in Maverick: Fix Released Status in “xulrunner-1.9.2” source package in Maverick: Fix Released Status in “ca-certificates” source package in Natty: Fix Committed Status in “chromium-browser” source package in Natty: Confirmed Status in “firefox” source package in Natty: Fix Released Status in “nss” source package in Natty: In Progress Status in “qt4-x11” source package in Natty: In Progress Status in “seamonkey” source package in Natty: Confirmed Status in “thunderbird” source package in Natty: Fix Released Status in “xulrunner-1.9.2” source package in Natty: Triaged Status in “ca-certificates” source package in Oneiric: Fix Released Status in “chromium-browser” source package in Oneiric: Confirmed Status in “firefox” source package in Oneiric: Fix Released Status in “nss” source package in Oneiric: Confirmed Status in “qt4-x11” source package in Oneiric: Triaged Status in “seamonkey” source package in Oneiric: Confirmed Status in “thunderbird” source package in Oneiric: Fix Released Status in “xulrunner-1.9.2” source package in Oneiric: Invalid Status in “ca-certificates” package in Debian: Fix Released Bug description: USN Information: This is being tracked in USN-1197-* NOTE: The Firefox update causes a regression for certain Dutch sites which is being tracked in Bug #838322. NOTE #2: The current update for Thunderbird still shows the DigiNotar Root CA as trusted in the certificate manager. This is due to Thunderbird using the system version of NSS. In this initial update, Thunderbird will actively distrust any certificate signed by the DigiNotar Root CA. Future updates will properly show the root CA as distrusted in the certificate manager. WORKAROUND (from blog post): http://support.mozilla.com/en-US/kb/deleting-diginotar-ca-cert - http://blog.mozilla.com/security/2011/08/29/fraudulent-google-com- certificate/ Qt 4.7 blog post: http://labs.qt.nokia.com/2011/09/07/what-the- diginotar-security-breach-means-for-qt-users-continued/ To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/837557/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 837557] Re: fraudulent DigiNotar certificate issuance
This bug was fixed in the package nss - 3.12.9+ckbi-1.82-0ubuntu0.10.10.3 --- nss (3.12.9+ckbi-1.82-0ubuntu0.10.10.3) maverick-security; urgency=low * SECURITY UPDATE: Add patch from Debian version 3.12.11-3 rebased against 3.12.9 to remove the DigiNotar certificates and actively distrust them; Thanks to Mike Hommey from Debian for the original patch (LP: #837557) - mozilla/security/nss/lib/ckfw/builtins/certdata.*: Explicitely distrust various DigiNotar CAs: - DigiNotar Root CA - DigiNotar Services 1024 CA - DigiNotar Cyber CA - DigiNotar Cyber CA 2nd - DigiNotar PKIoverheid - DigiNotar PKIoverheid G2 - mozilla/security/nss/lib/ckfw/builtins/certdata.*: Remove DigiNotar Root CA. -- Micah Gersten mic...@ubuntu.com Wed, 07 Sep 2011 14:55:24 -0500 ** Changed in: nss (Ubuntu Natty) Status: In Progress = Fix Released -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to thunderbird in Ubuntu. https://bugs.launchpad.net/bugs/837557 Title: fraudulent DigiNotar certificate issuance Status in “ca-certificates” package in Ubuntu: Fix Released Status in “chromium-browser” package in Ubuntu: Confirmed Status in “firefox” package in Ubuntu: Fix Released Status in “nss” package in Ubuntu: Confirmed Status in “qt4-x11” package in Ubuntu: Triaged Status in “seamonkey” package in Ubuntu: Confirmed Status in “thunderbird” package in Ubuntu: Fix Released Status in “xulrunner-1.9.2” package in Ubuntu: Invalid Status in “ca-certificates” source package in Lucid: Fix Committed Status in “chromium-browser” source package in Lucid: Confirmed Status in “firefox” source package in Lucid: Fix Released Status in “nss” source package in Lucid: Fix Released Status in “qt4-x11” source package in Lucid: Confirmed Status in “seamonkey” source package in Lucid: Confirmed Status in “thunderbird” source package in Lucid: Fix Released Status in “xulrunner-1.9.2” source package in Lucid: Fix Released Status in “ca-certificates” source package in Maverick: Fix Committed Status in “chromium-browser” source package in Maverick: Confirmed Status in “firefox” source package in Maverick: Fix Released Status in “nss” source package in Maverick: Fix Released Status in “qt4-x11” source package in Maverick: In Progress Status in “seamonkey” source package in Maverick: Confirmed Status in “thunderbird” source package in Maverick: Fix Released Status in “xulrunner-1.9.2” source package in Maverick: Fix Released Status in “ca-certificates” source package in Natty: Fix Committed Status in “chromium-browser” source package in Natty: Confirmed Status in “firefox” source package in Natty: Fix Released Status in “nss” source package in Natty: Fix Released Status in “qt4-x11” source package in Natty: In Progress Status in “seamonkey” source package in Natty: Confirmed Status in “thunderbird” source package in Natty: Fix Released Status in “xulrunner-1.9.2” source package in Natty: Triaged Status in “ca-certificates” source package in Oneiric: Fix Released Status in “chromium-browser” source package in Oneiric: Confirmed Status in “firefox” source package in Oneiric: Fix Released Status in “nss” source package in Oneiric: Confirmed Status in “qt4-x11” source package in Oneiric: Triaged Status in “seamonkey” source package in Oneiric: Confirmed Status in “thunderbird” source package in Oneiric: Fix Released Status in “xulrunner-1.9.2” source package in Oneiric: Invalid Status in “ca-certificates” package in Debian: Fix Released Bug description: USN Information: This is being tracked in USN-1197-* NOTE: The Firefox update causes a regression for certain Dutch sites which is being tracked in Bug #838322. NOTE #2: The current update for Thunderbird still shows the DigiNotar Root CA as trusted in the certificate manager. This is due to Thunderbird using the system version of NSS. In this initial update, Thunderbird will actively distrust any certificate signed by the DigiNotar Root CA. Future updates will properly show the root CA as distrusted in the certificate manager. WORKAROUND (from blog post): http://support.mozilla.com/en-US/kb/deleting-diginotar-ca-cert - http://blog.mozilla.com/security/2011/08/29/fraudulent-google-com- certificate/ Qt 4.7 blog post: http://labs.qt.nokia.com/2011/09/07/what-the- diginotar-security-breach-means-for-qt-users-continued/ To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/837557/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 837557] Re: fraudulent DigiNotar certificate issuance
This bug was fixed in the package nss - 3.12.9+ckbi-1.82-0ubuntu0.10.04.3 --- nss (3.12.9+ckbi-1.82-0ubuntu0.10.04.3) lucid-security; urgency=low * SECURITY UPDATE: Add patch from Debian version 3.12.11-3 rebased against 3.12.9 to remove the DigiNotar certificates and actively distrust them; Thanks to Mike Hommey from Debian for the original patch (LP: #837557) - mozilla/security/nss/lib/ckfw/builtins/certdata.*: Explicitely distrust various DigiNotar CAs: - DigiNotar Root CA - DigiNotar Services 1024 CA - DigiNotar Cyber CA - DigiNotar Cyber CA 2nd - DigiNotar PKIoverheid - DigiNotar PKIoverheid G2 - mozilla/security/nss/lib/ckfw/builtins/certdata.*: Remove DigiNotar Root CA. -- Micah Gersten mic...@ubuntu.com Wed, 07 Sep 2011 14:53:13 -0500 ** Changed in: nss (Ubuntu Lucid) Status: In Progress = Fix Released ** Changed in: nss (Ubuntu Maverick) Status: In Progress = Fix Released -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to thunderbird in Ubuntu. https://bugs.launchpad.net/bugs/837557 Title: fraudulent DigiNotar certificate issuance Status in “ca-certificates” package in Ubuntu: Fix Released Status in “chromium-browser” package in Ubuntu: Confirmed Status in “firefox” package in Ubuntu: Fix Released Status in “nss” package in Ubuntu: Confirmed Status in “qt4-x11” package in Ubuntu: Triaged Status in “seamonkey” package in Ubuntu: Confirmed Status in “thunderbird” package in Ubuntu: Fix Released Status in “xulrunner-1.9.2” package in Ubuntu: Invalid Status in “ca-certificates” source package in Lucid: Fix Committed Status in “chromium-browser” source package in Lucid: Confirmed Status in “firefox” source package in Lucid: Fix Released Status in “nss” source package in Lucid: Fix Released Status in “qt4-x11” source package in Lucid: Confirmed Status in “seamonkey” source package in Lucid: Confirmed Status in “thunderbird” source package in Lucid: Fix Released Status in “xulrunner-1.9.2” source package in Lucid: Fix Released Status in “ca-certificates” source package in Maverick: Fix Committed Status in “chromium-browser” source package in Maverick: Confirmed Status in “firefox” source package in Maverick: Fix Released Status in “nss” source package in Maverick: Fix Released Status in “qt4-x11” source package in Maverick: In Progress Status in “seamonkey” source package in Maverick: Confirmed Status in “thunderbird” source package in Maverick: Fix Released Status in “xulrunner-1.9.2” source package in Maverick: Fix Released Status in “ca-certificates” source package in Natty: Fix Committed Status in “chromium-browser” source package in Natty: Confirmed Status in “firefox” source package in Natty: Fix Released Status in “nss” source package in Natty: Fix Released Status in “qt4-x11” source package in Natty: In Progress Status in “seamonkey” source package in Natty: Confirmed Status in “thunderbird” source package in Natty: Fix Released Status in “xulrunner-1.9.2” source package in Natty: Triaged Status in “ca-certificates” source package in Oneiric: Fix Released Status in “chromium-browser” source package in Oneiric: Confirmed Status in “firefox” source package in Oneiric: Fix Released Status in “nss” source package in Oneiric: Confirmed Status in “qt4-x11” source package in Oneiric: Triaged Status in “seamonkey” source package in Oneiric: Confirmed Status in “thunderbird” source package in Oneiric: Fix Released Status in “xulrunner-1.9.2” source package in Oneiric: Invalid Status in “ca-certificates” package in Debian: Fix Released Bug description: USN Information: This is being tracked in USN-1197-* NOTE: The Firefox update causes a regression for certain Dutch sites which is being tracked in Bug #838322. NOTE #2: The current update for Thunderbird still shows the DigiNotar Root CA as trusted in the certificate manager. This is due to Thunderbird using the system version of NSS. In this initial update, Thunderbird will actively distrust any certificate signed by the DigiNotar Root CA. Future updates will properly show the root CA as distrusted in the certificate manager. WORKAROUND (from blog post): http://support.mozilla.com/en-US/kb/deleting-diginotar-ca-cert - http://blog.mozilla.com/security/2011/08/29/fraudulent-google-com- certificate/ Qt 4.7 blog post: http://labs.qt.nokia.com/2011/09/07/what-the- diginotar-security-breach-means-for-qt-users-continued/ To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/837557/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help :
[Desktop-packages] [Bug 837557] Re: fraudulent DigiNotar certificate issuance
This bug was fixed in the package nss - 3.12.9+ckbi-1.82-0ubuntu2.1 --- nss (3.12.9+ckbi-1.82-0ubuntu2.1) natty-security; urgency=low * SECURITY UPDATE: Add patch from Debian version 3.12.11-3 rebased against 3.12.9 to remove the DigiNotar certificates and actively distrust them; Thanks to Mike Hommey from Debian for the original patch (LP: #837557) - mozilla/security/nss/lib/ckfw/builtins/certdata.*: Explicitely distrust various DigiNotar CAs: - DigiNotar Root CA - DigiNotar Services 1024 CA - DigiNotar Cyber CA - DigiNotar Cyber CA 2nd - DigiNotar PKIoverheid - DigiNotar PKIoverheid G2 - mozilla/security/nss/lib/ckfw/builtins/certdata.*: Remove DigiNotar Root CA. -- Micah Gersten mic...@ubuntu.com Wed, 07 Sep 2011 15:15:37 -0500 -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to thunderbird in Ubuntu. https://bugs.launchpad.net/bugs/837557 Title: fraudulent DigiNotar certificate issuance Status in “ca-certificates” package in Ubuntu: Fix Released Status in “chromium-browser” package in Ubuntu: Confirmed Status in “firefox” package in Ubuntu: Fix Released Status in “nss” package in Ubuntu: Confirmed Status in “qt4-x11” package in Ubuntu: Triaged Status in “seamonkey” package in Ubuntu: Confirmed Status in “thunderbird” package in Ubuntu: Fix Released Status in “xulrunner-1.9.2” package in Ubuntu: Invalid Status in “ca-certificates” source package in Lucid: Fix Committed Status in “chromium-browser” source package in Lucid: Confirmed Status in “firefox” source package in Lucid: Fix Released Status in “nss” source package in Lucid: Fix Released Status in “qt4-x11” source package in Lucid: Confirmed Status in “seamonkey” source package in Lucid: Confirmed Status in “thunderbird” source package in Lucid: Fix Released Status in “xulrunner-1.9.2” source package in Lucid: Fix Released Status in “ca-certificates” source package in Maverick: Fix Committed Status in “chromium-browser” source package in Maverick: Confirmed Status in “firefox” source package in Maverick: Fix Released Status in “nss” source package in Maverick: Fix Released Status in “qt4-x11” source package in Maverick: In Progress Status in “seamonkey” source package in Maverick: Confirmed Status in “thunderbird” source package in Maverick: Fix Released Status in “xulrunner-1.9.2” source package in Maverick: Fix Released Status in “ca-certificates” source package in Natty: Fix Committed Status in “chromium-browser” source package in Natty: Confirmed Status in “firefox” source package in Natty: Fix Released Status in “nss” source package in Natty: Fix Released Status in “qt4-x11” source package in Natty: In Progress Status in “seamonkey” source package in Natty: Confirmed Status in “thunderbird” source package in Natty: Fix Released Status in “xulrunner-1.9.2” source package in Natty: Triaged Status in “ca-certificates” source package in Oneiric: Fix Released Status in “chromium-browser” source package in Oneiric: Confirmed Status in “firefox” source package in Oneiric: Fix Released Status in “nss” source package in Oneiric: Confirmed Status in “qt4-x11” source package in Oneiric: Triaged Status in “seamonkey” source package in Oneiric: Confirmed Status in “thunderbird” source package in Oneiric: Fix Released Status in “xulrunner-1.9.2” source package in Oneiric: Invalid Status in “ca-certificates” package in Debian: Fix Released Bug description: USN Information: This is being tracked in USN-1197-* NOTE: The Firefox update causes a regression for certain Dutch sites which is being tracked in Bug #838322. NOTE #2: The current update for Thunderbird still shows the DigiNotar Root CA as trusted in the certificate manager. This is due to Thunderbird using the system version of NSS. In this initial update, Thunderbird will actively distrust any certificate signed by the DigiNotar Root CA. Future updates will properly show the root CA as distrusted in the certificate manager. WORKAROUND (from blog post): http://support.mozilla.com/en-US/kb/deleting-diginotar-ca-cert - http://blog.mozilla.com/security/2011/08/29/fraudulent-google-com- certificate/ Qt 4.7 blog post: http://labs.qt.nokia.com/2011/09/07/what-the- diginotar-security-breach-means-for-qt-users-continued/ To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/837557/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 837557] Re: fraudulent DigiNotar certificate issuance
** Branch linked: lp:ubuntu/natty-security/nss ** Branch linked: lp:ubuntu/lucid-security/nss ** Branch linked: lp:ubuntu/maverick-security/nss -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to thunderbird in Ubuntu. https://bugs.launchpad.net/bugs/837557 Title: fraudulent DigiNotar certificate issuance Status in “ca-certificates” package in Ubuntu: Fix Released Status in “chromium-browser” package in Ubuntu: Confirmed Status in “firefox” package in Ubuntu: Fix Released Status in “nss” package in Ubuntu: Confirmed Status in “qt4-x11” package in Ubuntu: Triaged Status in “seamonkey” package in Ubuntu: Confirmed Status in “thunderbird” package in Ubuntu: Fix Released Status in “xulrunner-1.9.2” package in Ubuntu: Invalid Status in “ca-certificates” source package in Lucid: Fix Committed Status in “chromium-browser” source package in Lucid: Confirmed Status in “firefox” source package in Lucid: Fix Released Status in “nss” source package in Lucid: Fix Released Status in “qt4-x11” source package in Lucid: Confirmed Status in “seamonkey” source package in Lucid: Confirmed Status in “thunderbird” source package in Lucid: Fix Released Status in “xulrunner-1.9.2” source package in Lucid: Fix Released Status in “ca-certificates” source package in Maverick: Fix Committed Status in “chromium-browser” source package in Maverick: Confirmed Status in “firefox” source package in Maverick: Fix Released Status in “nss” source package in Maverick: Fix Released Status in “qt4-x11” source package in Maverick: In Progress Status in “seamonkey” source package in Maverick: Confirmed Status in “thunderbird” source package in Maverick: Fix Released Status in “xulrunner-1.9.2” source package in Maverick: Fix Released Status in “ca-certificates” source package in Natty: Fix Committed Status in “chromium-browser” source package in Natty: Confirmed Status in “firefox” source package in Natty: Fix Released Status in “nss” source package in Natty: Fix Released Status in “qt4-x11” source package in Natty: In Progress Status in “seamonkey” source package in Natty: Confirmed Status in “thunderbird” source package in Natty: Fix Released Status in “xulrunner-1.9.2” source package in Natty: Triaged Status in “ca-certificates” source package in Oneiric: Fix Released Status in “chromium-browser” source package in Oneiric: Confirmed Status in “firefox” source package in Oneiric: Fix Released Status in “nss” source package in Oneiric: Confirmed Status in “qt4-x11” source package in Oneiric: Triaged Status in “seamonkey” source package in Oneiric: Confirmed Status in “thunderbird” source package in Oneiric: Fix Released Status in “xulrunner-1.9.2” source package in Oneiric: Invalid Status in “ca-certificates” package in Debian: Fix Released Bug description: USN Information: This is being tracked in USN-1197-* NOTE: The Firefox update causes a regression for certain Dutch sites which is being tracked in Bug #838322. NOTE #2: The current update for Thunderbird still shows the DigiNotar Root CA as trusted in the certificate manager. This is due to Thunderbird using the system version of NSS. In this initial update, Thunderbird will actively distrust any certificate signed by the DigiNotar Root CA. Future updates will properly show the root CA as distrusted in the certificate manager. WORKAROUND (from blog post): http://support.mozilla.com/en-US/kb/deleting-diginotar-ca-cert - http://blog.mozilla.com/security/2011/08/29/fraudulent-google-com- certificate/ Qt 4.7 blog post: http://labs.qt.nokia.com/2011/09/07/what-the- diginotar-security-breach-means-for-qt-users-continued/ To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/837557/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 837557] Re: fraudulent DigiNotar certificate issuance
This bug was fixed in the package ca-certificates - 20090814ubuntu0.10.04.1 --- ca-certificates (20090814ubuntu0.10.04.1) lucid-security; urgency=low * SECURITY UPDATE: Blacklist DigiNotar Root CA due to fraudulent certificate issuance (LP: #837557) - update mozilla/blacklist.txt -- Micah Gersten mic...@ubuntu.com Thu, 01 Sep 2011 11:38:01 -0500 ** Changed in: ca-certificates (Ubuntu Lucid) Status: Fix Committed = Fix Released ** Changed in: ca-certificates (Ubuntu Maverick) Status: Fix Committed = Fix Released -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to thunderbird in Ubuntu. https://bugs.launchpad.net/bugs/837557 Title: fraudulent DigiNotar certificate issuance Status in “ca-certificates” package in Ubuntu: Fix Released Status in “chromium-browser” package in Ubuntu: Confirmed Status in “firefox” package in Ubuntu: Fix Released Status in “nss” package in Ubuntu: Confirmed Status in “qt4-x11” package in Ubuntu: Triaged Status in “seamonkey” package in Ubuntu: Confirmed Status in “thunderbird” package in Ubuntu: Fix Released Status in “xulrunner-1.9.2” package in Ubuntu: Invalid Status in “ca-certificates” source package in Lucid: Fix Released Status in “chromium-browser” source package in Lucid: Confirmed Status in “firefox” source package in Lucid: Fix Released Status in “nss” source package in Lucid: Fix Released Status in “qt4-x11” source package in Lucid: Confirmed Status in “seamonkey” source package in Lucid: Confirmed Status in “thunderbird” source package in Lucid: Fix Released Status in “xulrunner-1.9.2” source package in Lucid: Fix Released Status in “ca-certificates” source package in Maverick: Fix Released Status in “chromium-browser” source package in Maverick: Confirmed Status in “firefox” source package in Maverick: Fix Released Status in “nss” source package in Maverick: Fix Released Status in “qt4-x11” source package in Maverick: In Progress Status in “seamonkey” source package in Maverick: Confirmed Status in “thunderbird” source package in Maverick: Fix Released Status in “xulrunner-1.9.2” source package in Maverick: Fix Released Status in “ca-certificates” source package in Natty: Fix Released Status in “chromium-browser” source package in Natty: Confirmed Status in “firefox” source package in Natty: Fix Released Status in “nss” source package in Natty: Fix Released Status in “qt4-x11” source package in Natty: In Progress Status in “seamonkey” source package in Natty: Confirmed Status in “thunderbird” source package in Natty: Fix Released Status in “xulrunner-1.9.2” source package in Natty: Triaged Status in “ca-certificates” source package in Oneiric: Fix Released Status in “chromium-browser” source package in Oneiric: Confirmed Status in “firefox” source package in Oneiric: Fix Released Status in “nss” source package in Oneiric: Confirmed Status in “qt4-x11” source package in Oneiric: Triaged Status in “seamonkey” source package in Oneiric: Confirmed Status in “thunderbird” source package in Oneiric: Fix Released Status in “xulrunner-1.9.2” source package in Oneiric: Invalid Status in “ca-certificates” package in Debian: Fix Released Bug description: USN Information: This is being tracked in USN-1197-* NOTE: The Firefox update causes a regression for certain Dutch sites which is being tracked in Bug #838322. NOTE #2: The current update for Thunderbird still shows the DigiNotar Root CA as trusted in the certificate manager. This is due to Thunderbird using the system version of NSS. In this initial update, Thunderbird will actively distrust any certificate signed by the DigiNotar Root CA. Future updates will properly show the root CA as distrusted in the certificate manager. WORKAROUND (from blog post): http://support.mozilla.com/en-US/kb/deleting-diginotar-ca-cert - http://blog.mozilla.com/security/2011/08/29/fraudulent-google-com- certificate/ Qt 4.7 blog post: http://labs.qt.nokia.com/2011/09/07/what-the- diginotar-security-breach-means-for-qt-users-continued/ To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/837557/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 837557] Re: fraudulent DigiNotar certificate issuance
This bug was fixed in the package ca-certificates - 20090814+nmu2ubuntu0.1 --- ca-certificates (20090814+nmu2ubuntu0.1) natty-security; urgency=low * SECURITY UPDATE: Blacklist DigiNotar Root CA due to fraudulent certificate issuance (LP: #837557) - update mozilla/blacklist.txt -- Micah Gersten mic...@ubuntu.com Thu, 01 Sep 2011 11:53:21 -0500 -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to thunderbird in Ubuntu. https://bugs.launchpad.net/bugs/837557 Title: fraudulent DigiNotar certificate issuance Status in “ca-certificates” package in Ubuntu: Fix Released Status in “chromium-browser” package in Ubuntu: Confirmed Status in “firefox” package in Ubuntu: Fix Released Status in “nss” package in Ubuntu: Confirmed Status in “qt4-x11” package in Ubuntu: Triaged Status in “seamonkey” package in Ubuntu: Confirmed Status in “thunderbird” package in Ubuntu: Fix Released Status in “xulrunner-1.9.2” package in Ubuntu: Invalid Status in “ca-certificates” source package in Lucid: Fix Released Status in “chromium-browser” source package in Lucid: Confirmed Status in “firefox” source package in Lucid: Fix Released Status in “nss” source package in Lucid: Fix Released Status in “qt4-x11” source package in Lucid: Confirmed Status in “seamonkey” source package in Lucid: Confirmed Status in “thunderbird” source package in Lucid: Fix Released Status in “xulrunner-1.9.2” source package in Lucid: Fix Released Status in “ca-certificates” source package in Maverick: Fix Released Status in “chromium-browser” source package in Maverick: Confirmed Status in “firefox” source package in Maverick: Fix Released Status in “nss” source package in Maverick: Fix Released Status in “qt4-x11” source package in Maverick: In Progress Status in “seamonkey” source package in Maverick: Confirmed Status in “thunderbird” source package in Maverick: Fix Released Status in “xulrunner-1.9.2” source package in Maverick: Fix Released Status in “ca-certificates” source package in Natty: Fix Released Status in “chromium-browser” source package in Natty: Confirmed Status in “firefox” source package in Natty: Fix Released Status in “nss” source package in Natty: Fix Released Status in “qt4-x11” source package in Natty: In Progress Status in “seamonkey” source package in Natty: Confirmed Status in “thunderbird” source package in Natty: Fix Released Status in “xulrunner-1.9.2” source package in Natty: Triaged Status in “ca-certificates” source package in Oneiric: Fix Released Status in “chromium-browser” source package in Oneiric: Confirmed Status in “firefox” source package in Oneiric: Fix Released Status in “nss” source package in Oneiric: Confirmed Status in “qt4-x11” source package in Oneiric: Triaged Status in “seamonkey” source package in Oneiric: Confirmed Status in “thunderbird” source package in Oneiric: Fix Released Status in “xulrunner-1.9.2” source package in Oneiric: Invalid Status in “ca-certificates” package in Debian: Fix Released Bug description: USN Information: This is being tracked in USN-1197-* NOTE: The Firefox update causes a regression for certain Dutch sites which is being tracked in Bug #838322. NOTE #2: The current update for Thunderbird still shows the DigiNotar Root CA as trusted in the certificate manager. This is due to Thunderbird using the system version of NSS. In this initial update, Thunderbird will actively distrust any certificate signed by the DigiNotar Root CA. Future updates will properly show the root CA as distrusted in the certificate manager. WORKAROUND (from blog post): http://support.mozilla.com/en-US/kb/deleting-diginotar-ca-cert - http://blog.mozilla.com/security/2011/08/29/fraudulent-google-com- certificate/ Qt 4.7 blog post: http://labs.qt.nokia.com/2011/09/07/what-the- diginotar-security-breach-means-for-qt-users-continued/ To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/837557/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 837557] Re: fraudulent DigiNotar certificate issuance
This bug was fixed in the package ca-certificates - 20090814ubuntu0.10.10.1 --- ca-certificates (20090814ubuntu0.10.10.1) maverick-security; urgency=low * SECURITY UPDATE: Blacklist DigiNotar Root CA due to fraudulent certificate issuance (LP: #837557) - update mozilla/blacklist.txt -- Micah Gersten mic...@ubuntu.com Thu, 01 Sep 2011 11:42:30 -0500 ** Changed in: ca-certificates (Ubuntu Natty) Status: Fix Committed = Fix Released -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to thunderbird in Ubuntu. https://bugs.launchpad.net/bugs/837557 Title: fraudulent DigiNotar certificate issuance Status in “ca-certificates” package in Ubuntu: Fix Released Status in “chromium-browser” package in Ubuntu: Confirmed Status in “firefox” package in Ubuntu: Fix Released Status in “nss” package in Ubuntu: Confirmed Status in “qt4-x11” package in Ubuntu: Triaged Status in “seamonkey” package in Ubuntu: Confirmed Status in “thunderbird” package in Ubuntu: Fix Released Status in “xulrunner-1.9.2” package in Ubuntu: Invalid Status in “ca-certificates” source package in Lucid: Fix Released Status in “chromium-browser” source package in Lucid: Confirmed Status in “firefox” source package in Lucid: Fix Released Status in “nss” source package in Lucid: Fix Released Status in “qt4-x11” source package in Lucid: Confirmed Status in “seamonkey” source package in Lucid: Confirmed Status in “thunderbird” source package in Lucid: Fix Released Status in “xulrunner-1.9.2” source package in Lucid: Fix Released Status in “ca-certificates” source package in Maverick: Fix Released Status in “chromium-browser” source package in Maverick: Confirmed Status in “firefox” source package in Maverick: Fix Released Status in “nss” source package in Maverick: Fix Released Status in “qt4-x11” source package in Maverick: In Progress Status in “seamonkey” source package in Maverick: Confirmed Status in “thunderbird” source package in Maverick: Fix Released Status in “xulrunner-1.9.2” source package in Maverick: Fix Released Status in “ca-certificates” source package in Natty: Fix Released Status in “chromium-browser” source package in Natty: Confirmed Status in “firefox” source package in Natty: Fix Released Status in “nss” source package in Natty: Fix Released Status in “qt4-x11” source package in Natty: In Progress Status in “seamonkey” source package in Natty: Confirmed Status in “thunderbird” source package in Natty: Fix Released Status in “xulrunner-1.9.2” source package in Natty: Triaged Status in “ca-certificates” source package in Oneiric: Fix Released Status in “chromium-browser” source package in Oneiric: Confirmed Status in “firefox” source package in Oneiric: Fix Released Status in “nss” source package in Oneiric: Confirmed Status in “qt4-x11” source package in Oneiric: Triaged Status in “seamonkey” source package in Oneiric: Confirmed Status in “thunderbird” source package in Oneiric: Fix Released Status in “xulrunner-1.9.2” source package in Oneiric: Invalid Status in “ca-certificates” package in Debian: Fix Released Bug description: USN Information: This is being tracked in USN-1197-* NOTE: The Firefox update causes a regression for certain Dutch sites which is being tracked in Bug #838322. NOTE #2: The current update for Thunderbird still shows the DigiNotar Root CA as trusted in the certificate manager. This is due to Thunderbird using the system version of NSS. In this initial update, Thunderbird will actively distrust any certificate signed by the DigiNotar Root CA. Future updates will properly show the root CA as distrusted in the certificate manager. WORKAROUND (from blog post): http://support.mozilla.com/en-US/kb/deleting-diginotar-ca-cert - http://blog.mozilla.com/security/2011/08/29/fraudulent-google-com- certificate/ Qt 4.7 blog post: http://labs.qt.nokia.com/2011/09/07/what-the- diginotar-security-breach-means-for-qt-users-continued/ To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/837557/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 837557] Re: fraudulent DigiNotar certificate issuance
** Branch linked: lp:ubuntu/lucid-security/ca-certificates ** Branch linked: lp:ubuntu/natty-security/ca-certificates ** Branch linked: lp:ubuntu/maverick-security/ca-certificates -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to thunderbird in Ubuntu. https://bugs.launchpad.net/bugs/837557 Title: fraudulent DigiNotar certificate issuance Status in “ca-certificates” package in Ubuntu: Fix Released Status in “chromium-browser” package in Ubuntu: Confirmed Status in “firefox” package in Ubuntu: Fix Released Status in “nss” package in Ubuntu: Confirmed Status in “qt4-x11” package in Ubuntu: Triaged Status in “seamonkey” package in Ubuntu: Confirmed Status in “thunderbird” package in Ubuntu: Fix Released Status in “xulrunner-1.9.2” package in Ubuntu: Invalid Status in “ca-certificates” source package in Lucid: Fix Released Status in “chromium-browser” source package in Lucid: Confirmed Status in “firefox” source package in Lucid: Fix Released Status in “nss” source package in Lucid: Fix Released Status in “qt4-x11” source package in Lucid: Confirmed Status in “seamonkey” source package in Lucid: Confirmed Status in “thunderbird” source package in Lucid: Fix Released Status in “xulrunner-1.9.2” source package in Lucid: Fix Released Status in “ca-certificates” source package in Maverick: Fix Released Status in “chromium-browser” source package in Maverick: Confirmed Status in “firefox” source package in Maverick: Fix Released Status in “nss” source package in Maverick: Fix Released Status in “qt4-x11” source package in Maverick: In Progress Status in “seamonkey” source package in Maverick: Confirmed Status in “thunderbird” source package in Maverick: Fix Released Status in “xulrunner-1.9.2” source package in Maverick: Fix Released Status in “ca-certificates” source package in Natty: Fix Released Status in “chromium-browser” source package in Natty: Confirmed Status in “firefox” source package in Natty: Fix Released Status in “nss” source package in Natty: Fix Released Status in “qt4-x11” source package in Natty: In Progress Status in “seamonkey” source package in Natty: Confirmed Status in “thunderbird” source package in Natty: Fix Released Status in “xulrunner-1.9.2” source package in Natty: Triaged Status in “ca-certificates” source package in Oneiric: Fix Released Status in “chromium-browser” source package in Oneiric: Confirmed Status in “firefox” source package in Oneiric: Fix Released Status in “nss” source package in Oneiric: Confirmed Status in “qt4-x11” source package in Oneiric: Triaged Status in “seamonkey” source package in Oneiric: Confirmed Status in “thunderbird” source package in Oneiric: Fix Released Status in “xulrunner-1.9.2” source package in Oneiric: Invalid Status in “ca-certificates” package in Debian: Fix Released Bug description: USN Information: This is being tracked in USN-1197-* NOTE: The Firefox update causes a regression for certain Dutch sites which is being tracked in Bug #838322. NOTE #2: The current update for Thunderbird still shows the DigiNotar Root CA as trusted in the certificate manager. This is due to Thunderbird using the system version of NSS. In this initial update, Thunderbird will actively distrust any certificate signed by the DigiNotar Root CA. Future updates will properly show the root CA as distrusted in the certificate manager. WORKAROUND (from blog post): http://support.mozilla.com/en-US/kb/deleting-diginotar-ca-cert - http://blog.mozilla.com/security/2011/08/29/fraudulent-google-com- certificate/ Qt 4.7 blog post: http://labs.qt.nokia.com/2011/09/07/what-the- diginotar-security-breach-means-for-qt-users-continued/ To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/837557/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 837557] Re: fraudulent DigiNotar certificate issuance
** Branch linked: lp:~mozillateam/nss/nss.lucid -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to thunderbird in Ubuntu. https://bugs.launchpad.net/bugs/837557 Title: fraudulent DigiNotar certificate issuance Status in “ca-certificates” package in Ubuntu: Fix Released Status in “chromium-browser” package in Ubuntu: Confirmed Status in “firefox” package in Ubuntu: Fix Released Status in “nss” package in Ubuntu: Confirmed Status in “qt4-x11” package in Ubuntu: Invalid Status in “seamonkey” package in Ubuntu: Confirmed Status in “thunderbird” package in Ubuntu: Fix Released Status in “xulrunner-1.9.2” package in Ubuntu: Invalid Status in “ca-certificates” source package in Lucid: Fix Committed Status in “chromium-browser” source package in Lucid: Confirmed Status in “firefox” source package in Lucid: Fix Released Status in “nss” source package in Lucid: In Progress Status in “qt4-x11” source package in Lucid: Confirmed Status in “seamonkey” source package in Lucid: Confirmed Status in “thunderbird” source package in Lucid: Fix Released Status in “xulrunner-1.9.2” source package in Lucid: Fix Released Status in “ca-certificates” source package in Maverick: Fix Committed Status in “chromium-browser” source package in Maverick: Confirmed Status in “firefox” source package in Maverick: Fix Released Status in “nss” source package in Maverick: In Progress Status in “qt4-x11” source package in Maverick: Invalid Status in “seamonkey” source package in Maverick: Confirmed Status in “thunderbird” source package in Maverick: Fix Released Status in “xulrunner-1.9.2” source package in Maverick: Fix Released Status in “ca-certificates” source package in Natty: Fix Committed Status in “chromium-browser” source package in Natty: Confirmed Status in “firefox” source package in Natty: Fix Released Status in “nss” source package in Natty: In Progress Status in “qt4-x11” source package in Natty: Invalid Status in “seamonkey” source package in Natty: Confirmed Status in “thunderbird” source package in Natty: Fix Released Status in “xulrunner-1.9.2” source package in Natty: Triaged Status in “ca-certificates” source package in Oneiric: Fix Released Status in “chromium-browser” source package in Oneiric: Confirmed Status in “firefox” source package in Oneiric: Fix Released Status in “nss” source package in Oneiric: Confirmed Status in “qt4-x11” source package in Oneiric: Invalid Status in “seamonkey” source package in Oneiric: Confirmed Status in “thunderbird” source package in Oneiric: Fix Released Status in “xulrunner-1.9.2” source package in Oneiric: Invalid Status in “ca-certificates” package in Debian: Fix Released Bug description: NOTE: The Firefox update causes a regression for certain Dutch sites which is being tracked in Bug #838322. NOTE #2: The current update for Thunderbird still shows the DigiNotar Root CA as trusted in the certificate manager. This is due to Thunderbird using the system version of NSS. In this initial update, Thunderbird will actively distrust any certificate signed by the DigiNotar Root CA. Future updates will properly show the root CA as distrusted in the certificate manager. WORKAROUND (from blog post): http://support.mozilla.com/en-US/kb/deleting-diginotar-ca-cert - http://blog.mozilla.com/security/2011/08/29/fraudulent-google-com- certificate/ To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/837557/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 837557] Re: fraudulent DigiNotar certificate issuance
** Branch linked: lp:~mozillateam/nss/nss.natty -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to thunderbird in Ubuntu. https://bugs.launchpad.net/bugs/837557 Title: fraudulent DigiNotar certificate issuance Status in “ca-certificates” package in Ubuntu: Fix Released Status in “chromium-browser” package in Ubuntu: Confirmed Status in “firefox” package in Ubuntu: Fix Released Status in “nss” package in Ubuntu: Confirmed Status in “qt4-x11” package in Ubuntu: Invalid Status in “seamonkey” package in Ubuntu: Confirmed Status in “thunderbird” package in Ubuntu: Fix Released Status in “xulrunner-1.9.2” package in Ubuntu: Invalid Status in “ca-certificates” source package in Lucid: Fix Committed Status in “chromium-browser” source package in Lucid: Confirmed Status in “firefox” source package in Lucid: Fix Released Status in “nss” source package in Lucid: In Progress Status in “qt4-x11” source package in Lucid: Confirmed Status in “seamonkey” source package in Lucid: Confirmed Status in “thunderbird” source package in Lucid: Fix Released Status in “xulrunner-1.9.2” source package in Lucid: Fix Released Status in “ca-certificates” source package in Maverick: Fix Committed Status in “chromium-browser” source package in Maverick: Confirmed Status in “firefox” source package in Maverick: Fix Released Status in “nss” source package in Maverick: In Progress Status in “qt4-x11” source package in Maverick: Invalid Status in “seamonkey” source package in Maverick: Confirmed Status in “thunderbird” source package in Maverick: Fix Released Status in “xulrunner-1.9.2” source package in Maverick: Fix Released Status in “ca-certificates” source package in Natty: Fix Committed Status in “chromium-browser” source package in Natty: Confirmed Status in “firefox” source package in Natty: Fix Released Status in “nss” source package in Natty: In Progress Status in “qt4-x11” source package in Natty: Invalid Status in “seamonkey” source package in Natty: Confirmed Status in “thunderbird” source package in Natty: Fix Released Status in “xulrunner-1.9.2” source package in Natty: Triaged Status in “ca-certificates” source package in Oneiric: Fix Released Status in “chromium-browser” source package in Oneiric: Confirmed Status in “firefox” source package in Oneiric: Fix Released Status in “nss” source package in Oneiric: Confirmed Status in “qt4-x11” source package in Oneiric: Invalid Status in “seamonkey” source package in Oneiric: Confirmed Status in “thunderbird” source package in Oneiric: Fix Released Status in “xulrunner-1.9.2” source package in Oneiric: Invalid Status in “ca-certificates” package in Debian: Fix Released Bug description: NOTE: The Firefox update causes a regression for certain Dutch sites which is being tracked in Bug #838322. NOTE #2: The current update for Thunderbird still shows the DigiNotar Root CA as trusted in the certificate manager. This is due to Thunderbird using the system version of NSS. In this initial update, Thunderbird will actively distrust any certificate signed by the DigiNotar Root CA. Future updates will properly show the root CA as distrusted in the certificate manager. WORKAROUND (from blog post): http://support.mozilla.com/en-US/kb/deleting-diginotar-ca-cert - http://blog.mozilla.com/security/2011/08/29/fraudulent-google-com- certificate/ To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/837557/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 837557] Re: fraudulent DigiNotar certificate issuance
Just found out Qt 4.7 has a blacklist patch, so reopening tasks fro maverick/natty/oneiric ** Changed in: qt4-x11 (Ubuntu Maverick) Importance: Undecided = Medium ** Changed in: qt4-x11 (Ubuntu Maverick) Status: Invalid = In Progress ** Changed in: qt4-x11 (Ubuntu Maverick) Assignee: (unassigned) = Micah Gersten (micahg) ** Changed in: qt4-x11 (Ubuntu Natty) Importance: Undecided = Medium ** Changed in: qt4-x11 (Ubuntu Natty) Status: Invalid = In Progress ** Changed in: qt4-x11 (Ubuntu Natty) Assignee: (unassigned) = Micah Gersten (micahg) ** Changed in: qt4-x11 (Ubuntu Oneiric) Importance: Undecided = Medium ** Changed in: qt4-x11 (Ubuntu Oneiric) Status: Invalid = Triaged ** Description changed: NOTE: The Firefox update causes a regression for certain Dutch sites which is being tracked in Bug #838322. NOTE #2: The current update for Thunderbird still shows the DigiNotar Root CA as trusted in the certificate manager. This is due to Thunderbird using the system version of NSS. In this initial update, Thunderbird will actively distrust any certificate signed by the DigiNotar Root CA. Future updates will properly show the root CA as distrusted in the certificate manager. WORKAROUND (from blog post): http://support.mozilla.com/en-US/kb/deleting-diginotar-ca-cert - http://blog.mozilla.com/security/2011/08/29/fraudulent-google-com- certificate/ + + Qt 4.7 blog post: http://labs.qt.nokia.com/2011/09/07/what-the- + diginotar-security-breach-means-for-qt-users-continued/ ** Description changed: + USN Information: This is being tracked in USN-1197-* + NOTE: The Firefox update causes a regression for certain Dutch sites which is being tracked in Bug #838322. NOTE #2: The current update for Thunderbird still shows the DigiNotar Root CA as trusted in the certificate manager. This is due to Thunderbird using the system version of NSS. In this initial update, Thunderbird will actively distrust any certificate signed by the DigiNotar Root CA. Future updates will properly show the root CA as distrusted in the certificate manager. WORKAROUND (from blog post): http://support.mozilla.com/en-US/kb/deleting-diginotar-ca-cert - http://blog.mozilla.com/security/2011/08/29/fraudulent-google-com- certificate/ Qt 4.7 blog post: http://labs.qt.nokia.com/2011/09/07/what-the- diginotar-security-breach-means-for-qt-users-continued/ -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to thunderbird in Ubuntu. https://bugs.launchpad.net/bugs/837557 Title: fraudulent DigiNotar certificate issuance Status in “ca-certificates” package in Ubuntu: Fix Released Status in “chromium-browser” package in Ubuntu: Confirmed Status in “firefox” package in Ubuntu: Fix Released Status in “nss” package in Ubuntu: Confirmed Status in “qt4-x11” package in Ubuntu: Triaged Status in “seamonkey” package in Ubuntu: Confirmed Status in “thunderbird” package in Ubuntu: Fix Released Status in “xulrunner-1.9.2” package in Ubuntu: Invalid Status in “ca-certificates” source package in Lucid: Fix Committed Status in “chromium-browser” source package in Lucid: Confirmed Status in “firefox” source package in Lucid: Fix Released Status in “nss” source package in Lucid: In Progress Status in “qt4-x11” source package in Lucid: Confirmed Status in “seamonkey” source package in Lucid: Confirmed Status in “thunderbird” source package in Lucid: Fix Released Status in “xulrunner-1.9.2” source package in Lucid: Fix Released Status in “ca-certificates” source package in Maverick: Fix Committed Status in “chromium-browser” source package in Maverick: Confirmed Status in “firefox” source package in Maverick: Fix Released Status in “nss” source package in Maverick: In Progress Status in “qt4-x11” source package in Maverick: In Progress Status in “seamonkey” source package in Maverick: Confirmed Status in “thunderbird” source package in Maverick: Fix Released Status in “xulrunner-1.9.2” source package in Maverick: Fix Released Status in “ca-certificates” source package in Natty: Fix Committed Status in “chromium-browser” source package in Natty: Confirmed Status in “firefox” source package in Natty: Fix Released Status in “nss” source package in Natty: In Progress Status in “qt4-x11” source package in Natty: In Progress Status in “seamonkey” source package in Natty: Confirmed Status in “thunderbird” source package in Natty: Fix Released Status in “xulrunner-1.9.2” source package in Natty: Triaged Status in “ca-certificates” source package in Oneiric: Fix Released Status in “chromium-browser” source package in Oneiric: Confirmed Status in “firefox” source package in Oneiric: Fix Released Status in “nss” source package in Oneiric: Confirmed
[Desktop-packages] [Bug 837557] Re: fraudulent DigiNotar certificate issuance
This bug was fixed in the package thunderbird - 7.0~b2+build2+nobinonly- 0ubuntu1 --- thunderbird (7.0~b2+build2+nobinonly-0ubuntu1) oneiric; urgency=low * New upstream release from the beta channel (THUNDERBIRD_7_0b2_BUILD2) - LP: #837557 and LP: #838322 * Update globalmenu-extension to 2.0 - Only update a menu in realtime if it's parent is opening. For all other times, just invalidate the menu. Avoids spamming dbus everytime something changes in the menu - When removing a menuitem from its parent, check that the index is in-bounds. Should fix a frequent crash on startup, although it doesn't explain how it gets in to that state in the first place - Add the ability to turn on debugging without building Firefox with debugging on * Add upstream patch to only add ENABLE_JIT=1 to CXXFLAGS if any of trace/ method/yarr jit is enabled. Fixes a build failure on PPC - add debian/patches/only-add-ENABLE_JIT-to-CXXFLAGS-if-jit-is-enabled.patch - update debian/patches/series * Add upstream patch to fix build failure with ENABLE_YARR_JIT=0 - add debian/patches/build-fix-for-no-ENABLE_YARR_JIT.patch - update debian/patches/series * Add upstream patch to work around a linker bug - add debian/patches/compile-pldhash-as-C++.patch - update debian/patches/series * Don't pass an empty --mozilla-repo= argument to client.py when creating the source tarball without a local cache, as it totally breaks. This is why we've got rid of all this in nightly and aurora, so we can avoid such bandaids in the first place - update debian/mozclient/thunderbird.conf * Messagingmenu fixes: - Use the libunity5 ABI (LP: #839154) - Don't use QueryInterface on objects where we can't guarantee they implement a particular interface (LP: #826447) * Make sure that thunderbird-gnome-support actually depends on libunity5 - update debian/rules * Update eds extension to r84 from 0.3 branch - fixes a shutdown crash * Use the latest eds libs for the contacts integration -- Chris Coulson chris.coul...@canonical.com Tue, 06 Sep 2011 00:19:41 +0100 ** Changed in: thunderbird (Ubuntu Oneiric) Status: In Progress = Fix Released -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to thunderbird in Ubuntu. https://bugs.launchpad.net/bugs/837557 Title: fraudulent DigiNotar certificate issuance Status in “ca-certificates” package in Ubuntu: Fix Released Status in “chromium-browser” package in Ubuntu: Confirmed Status in “firefox” package in Ubuntu: Fix Released Status in “nss” package in Ubuntu: Confirmed Status in “qt4-x11” package in Ubuntu: Invalid Status in “seamonkey” package in Ubuntu: Confirmed Status in “thunderbird” package in Ubuntu: Fix Released Status in “xulrunner-1.9.2” package in Ubuntu: Invalid Status in “ca-certificates” source package in Lucid: Fix Committed Status in “chromium-browser” source package in Lucid: Confirmed Status in “firefox” source package in Lucid: Fix Released Status in “nss” source package in Lucid: In Progress Status in “qt4-x11” source package in Lucid: Confirmed Status in “seamonkey” source package in Lucid: Confirmed Status in “thunderbird” source package in Lucid: Fix Released Status in “xulrunner-1.9.2” source package in Lucid: Fix Released Status in “ca-certificates” source package in Maverick: Fix Committed Status in “chromium-browser” source package in Maverick: Confirmed Status in “firefox” source package in Maverick: Fix Released Status in “nss” source package in Maverick: In Progress Status in “qt4-x11” source package in Maverick: Invalid Status in “seamonkey” source package in Maverick: Confirmed Status in “thunderbird” source package in Maverick: Fix Released Status in “xulrunner-1.9.2” source package in Maverick: Fix Released Status in “ca-certificates” source package in Natty: Fix Committed Status in “chromium-browser” source package in Natty: Confirmed Status in “firefox” source package in Natty: Fix Released Status in “nss” source package in Natty: In Progress Status in “qt4-x11” source package in Natty: Invalid Status in “seamonkey” source package in Natty: Confirmed Status in “thunderbird” source package in Natty: Fix Released Status in “xulrunner-1.9.2” source package in Natty: Triaged Status in “ca-certificates” source package in Oneiric: Fix Released Status in “chromium-browser” source package in Oneiric: Confirmed Status in “firefox” source package in Oneiric: Fix Released Status in “nss” source package in Oneiric: Confirmed Status in “qt4-x11” source package in Oneiric: Invalid Status in “seamonkey” source package in Oneiric: Confirmed Status in “thunderbird” source package in Oneiric: Fix Released Status in “xulrunner-1.9.2” source package in Oneiric: Invalid Status in “ca-certificates” package in Debian: Fix
[Desktop-packages] [Bug 837557] Re: fraudulent DigiNotar certificate issuance
** Branch linked: lp:ubuntu/thunderbird -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to thunderbird in Ubuntu. https://bugs.launchpad.net/bugs/837557 Title: fraudulent DigiNotar certificate issuance Status in “ca-certificates” package in Ubuntu: Fix Released Status in “chromium-browser” package in Ubuntu: Confirmed Status in “firefox” package in Ubuntu: Fix Released Status in “nss” package in Ubuntu: Confirmed Status in “qt4-x11” package in Ubuntu: Invalid Status in “seamonkey” package in Ubuntu: Confirmed Status in “thunderbird” package in Ubuntu: Fix Released Status in “xulrunner-1.9.2” package in Ubuntu: Invalid Status in “ca-certificates” source package in Lucid: Fix Committed Status in “chromium-browser” source package in Lucid: Confirmed Status in “firefox” source package in Lucid: Fix Released Status in “nss” source package in Lucid: In Progress Status in “qt4-x11” source package in Lucid: Confirmed Status in “seamonkey” source package in Lucid: Confirmed Status in “thunderbird” source package in Lucid: Fix Released Status in “xulrunner-1.9.2” source package in Lucid: Fix Released Status in “ca-certificates” source package in Maverick: Fix Committed Status in “chromium-browser” source package in Maverick: Confirmed Status in “firefox” source package in Maverick: Fix Released Status in “nss” source package in Maverick: In Progress Status in “qt4-x11” source package in Maverick: Invalid Status in “seamonkey” source package in Maverick: Confirmed Status in “thunderbird” source package in Maverick: Fix Released Status in “xulrunner-1.9.2” source package in Maverick: Fix Released Status in “ca-certificates” source package in Natty: Fix Committed Status in “chromium-browser” source package in Natty: Confirmed Status in “firefox” source package in Natty: Fix Released Status in “nss” source package in Natty: In Progress Status in “qt4-x11” source package in Natty: Invalid Status in “seamonkey” source package in Natty: Confirmed Status in “thunderbird” source package in Natty: Fix Released Status in “xulrunner-1.9.2” source package in Natty: Triaged Status in “ca-certificates” source package in Oneiric: Fix Released Status in “chromium-browser” source package in Oneiric: Confirmed Status in “firefox” source package in Oneiric: Fix Released Status in “nss” source package in Oneiric: Confirmed Status in “qt4-x11” source package in Oneiric: Invalid Status in “seamonkey” source package in Oneiric: Confirmed Status in “thunderbird” source package in Oneiric: Fix Released Status in “xulrunner-1.9.2” source package in Oneiric: Invalid Status in “ca-certificates” package in Debian: Fix Released Bug description: NOTE: The Firefox update causes a regression for certain Dutch sites which is being tracked in Bug #838322. NOTE #2: The current update for Thunderbird still shows the DigiNotar Root CA as trusted in the certificate manager. This is due to Thunderbird using the system version of NSS. In this initial update, Thunderbird will actively distrust any certificate signed by the DigiNotar Root CA. Future updates will properly show the root CA as distrusted in the certificate manager. WORKAROUND (from blog post): http://support.mozilla.com/en-US/kb/deleting-diginotar-ca-cert - http://blog.mozilla.com/security/2011/08/29/fraudulent-google-com- certificate/ To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/837557/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 837557] Re: fraudulent DigiNotar certificate issuance
** Branch linked: lp:ubuntu/lucid-security/thunderbird ** Branch linked: lp:ubuntu/maverick-security/thunderbird ** Branch linked: lp:ubuntu/natty-security/thunderbird -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to thunderbird in Ubuntu. https://bugs.launchpad.net/bugs/837557 Title: fraudulent DigiNotar certificate issuance Status in “ca-certificates” package in Ubuntu: Fix Released Status in “chromium-browser” package in Ubuntu: Confirmed Status in “firefox” package in Ubuntu: Fix Released Status in “nss” package in Ubuntu: Confirmed Status in “qt4-x11” package in Ubuntu: Invalid Status in “seamonkey” package in Ubuntu: Confirmed Status in “thunderbird” package in Ubuntu: In Progress Status in “xulrunner-1.9.2” package in Ubuntu: Invalid Status in “ca-certificates” source package in Lucid: Fix Committed Status in “chromium-browser” source package in Lucid: Confirmed Status in “firefox” source package in Lucid: Fix Released Status in “nss” source package in Lucid: In Progress Status in “qt4-x11” source package in Lucid: Confirmed Status in “seamonkey” source package in Lucid: Confirmed Status in “thunderbird” source package in Lucid: Fix Released Status in “xulrunner-1.9.2” source package in Lucid: Fix Released Status in “ca-certificates” source package in Maverick: Fix Committed Status in “chromium-browser” source package in Maverick: Confirmed Status in “firefox” source package in Maverick: Fix Released Status in “nss” source package in Maverick: In Progress Status in “qt4-x11” source package in Maverick: Invalid Status in “seamonkey” source package in Maverick: Confirmed Status in “thunderbird” source package in Maverick: Fix Released Status in “xulrunner-1.9.2” source package in Maverick: Fix Released Status in “ca-certificates” source package in Natty: Fix Committed Status in “chromium-browser” source package in Natty: Confirmed Status in “firefox” source package in Natty: Fix Released Status in “nss” source package in Natty: In Progress Status in “qt4-x11” source package in Natty: Invalid Status in “seamonkey” source package in Natty: Confirmed Status in “thunderbird” source package in Natty: Fix Released Status in “xulrunner-1.9.2” source package in Natty: Triaged Status in “ca-certificates” source package in Oneiric: Fix Released Status in “chromium-browser” source package in Oneiric: Confirmed Status in “firefox” source package in Oneiric: Fix Released Status in “nss” source package in Oneiric: Confirmed Status in “qt4-x11” source package in Oneiric: Invalid Status in “seamonkey” source package in Oneiric: Confirmed Status in “thunderbird” source package in Oneiric: In Progress Status in “xulrunner-1.9.2” source package in Oneiric: Invalid Status in “ca-certificates” package in Debian: Fix Released Bug description: NOTE: The Firefox update causes a regression for certain Dutch sites which is being tracked in Bug #838322. WORKAROUND (from blog post): http://support.mozilla.com/en-US/kb/deleting-diginotar-ca-cert - http://blog.mozilla.com/security/2011/08/29/fraudulent-google-com- certificate/ To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/837557/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 837557] Re: fraudulent DigiNotar certificate issuance
** Description changed: - NOTE: The Firefox update causes a regression for certain Dutch sites - which is being tracked in Bug #838322. + NOTE: The Firefox update causes a regression for certain Dutch sites which is being tracked in Bug #838322. + NOTE #2: The current update for Thunderbird still shows the DigiNotar Root CA as trusted in the certificate manager. This is due to Thunderbird using the system version of NSS. In this initial update, Thunderbird will actively distrust any certificate signed by the DigiNotar Root CA. Future updates will properly show the root CA as distrusted in the certificate manager. WORKAROUND (from blog post): http://support.mozilla.com/en-US/kb/deleting-diginotar-ca-cert - http://blog.mozilla.com/security/2011/08/29/fraudulent-google-com- certificate/ -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to thunderbird in Ubuntu. https://bugs.launchpad.net/bugs/837557 Title: fraudulent DigiNotar certificate issuance Status in “ca-certificates” package in Ubuntu: Fix Released Status in “chromium-browser” package in Ubuntu: Confirmed Status in “firefox” package in Ubuntu: Fix Released Status in “nss” package in Ubuntu: Confirmed Status in “qt4-x11” package in Ubuntu: Invalid Status in “seamonkey” package in Ubuntu: Confirmed Status in “thunderbird” package in Ubuntu: In Progress Status in “xulrunner-1.9.2” package in Ubuntu: Invalid Status in “ca-certificates” source package in Lucid: Fix Committed Status in “chromium-browser” source package in Lucid: Confirmed Status in “firefox” source package in Lucid: Fix Released Status in “nss” source package in Lucid: In Progress Status in “qt4-x11” source package in Lucid: Confirmed Status in “seamonkey” source package in Lucid: Confirmed Status in “thunderbird” source package in Lucid: Fix Released Status in “xulrunner-1.9.2” source package in Lucid: Fix Released Status in “ca-certificates” source package in Maverick: Fix Committed Status in “chromium-browser” source package in Maverick: Confirmed Status in “firefox” source package in Maverick: Fix Released Status in “nss” source package in Maverick: In Progress Status in “qt4-x11” source package in Maverick: Invalid Status in “seamonkey” source package in Maverick: Confirmed Status in “thunderbird” source package in Maverick: Fix Released Status in “xulrunner-1.9.2” source package in Maverick: Fix Released Status in “ca-certificates” source package in Natty: Fix Committed Status in “chromium-browser” source package in Natty: Confirmed Status in “firefox” source package in Natty: Fix Released Status in “nss” source package in Natty: In Progress Status in “qt4-x11” source package in Natty: Invalid Status in “seamonkey” source package in Natty: Confirmed Status in “thunderbird” source package in Natty: Fix Released Status in “xulrunner-1.9.2” source package in Natty: Triaged Status in “ca-certificates” source package in Oneiric: Fix Released Status in “chromium-browser” source package in Oneiric: Confirmed Status in “firefox” source package in Oneiric: Fix Released Status in “nss” source package in Oneiric: Confirmed Status in “qt4-x11” source package in Oneiric: Invalid Status in “seamonkey” source package in Oneiric: Confirmed Status in “thunderbird” source package in Oneiric: In Progress Status in “xulrunner-1.9.2” source package in Oneiric: Invalid Status in “ca-certificates” package in Debian: Fix Released Bug description: NOTE: The Firefox update causes a regression for certain Dutch sites which is being tracked in Bug #838322. NOTE #2: The current update for Thunderbird still shows the DigiNotar Root CA as trusted in the certificate manager. This is due to Thunderbird using the system version of NSS. In this initial update, Thunderbird will actively distrust any certificate signed by the DigiNotar Root CA. Future updates will properly show the root CA as distrusted in the certificate manager. WORKAROUND (from blog post): http://support.mozilla.com/en-US/kb/deleting-diginotar-ca-cert - http://blog.mozilla.com/security/2011/08/29/fraudulent-google-com- certificate/ To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/837557/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 837557] Re: fraudulent DigiNotar certificate issuance
regarding the Qt bundle: I cannot find the DigiNotar root cert in there, the
bundle is really old apparently.
(did:
cd src/network/ssl
csplit -s qt-ca-bundle.crt '/^$/' {*}
for i in $(ls ./xx*); do echo $i; openssl x509 -text -noout -in $i; done|grep
-i 'subject:'|grep -i diginotar
... does not yield anything).
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to thunderbird in Ubuntu.
https://bugs.launchpad.net/bugs/837557
Title:
fraudulent DigiNotar certificate issuance
Status in “ca-certificates” package in Ubuntu:
Fix Released
Status in “chromium-browser” package in Ubuntu:
Confirmed
Status in “firefox” package in Ubuntu:
Fix Released
Status in “nss” package in Ubuntu:
Confirmed
Status in “qt4-x11” package in Ubuntu:
Invalid
Status in “seamonkey” package in Ubuntu:
Confirmed
Status in “thunderbird” package in Ubuntu:
In Progress
Status in “xulrunner-1.9.2” package in Ubuntu:
Invalid
Status in “ca-certificates” source package in Lucid:
Fix Committed
Status in “chromium-browser” source package in Lucid:
Confirmed
Status in “firefox” source package in Lucid:
Fix Released
Status in “nss” source package in Lucid:
In Progress
Status in “qt4-x11” source package in Lucid:
Confirmed
Status in “seamonkey” source package in Lucid:
Confirmed
Status in “thunderbird” source package in Lucid:
Fix Released
Status in “xulrunner-1.9.2” source package in Lucid:
Fix Released
Status in “ca-certificates” source package in Maverick:
Fix Committed
Status in “chromium-browser” source package in Maverick:
Confirmed
Status in “firefox” source package in Maverick:
Fix Released
Status in “nss” source package in Maverick:
In Progress
Status in “qt4-x11” source package in Maverick:
Invalid
Status in “seamonkey” source package in Maverick:
Confirmed
Status in “thunderbird” source package in Maverick:
Fix Released
Status in “xulrunner-1.9.2” source package in Maverick:
Fix Released
Status in “ca-certificates” source package in Natty:
Fix Committed
Status in “chromium-browser” source package in Natty:
Confirmed
Status in “firefox” source package in Natty:
Fix Released
Status in “nss” source package in Natty:
In Progress
Status in “qt4-x11” source package in Natty:
Invalid
Status in “seamonkey” source package in Natty:
Confirmed
Status in “thunderbird” source package in Natty:
Fix Released
Status in “xulrunner-1.9.2” source package in Natty:
Triaged
Status in “ca-certificates” source package in Oneiric:
Fix Released
Status in “chromium-browser” source package in Oneiric:
Confirmed
Status in “firefox” source package in Oneiric:
Fix Released
Status in “nss” source package in Oneiric:
Confirmed
Status in “qt4-x11” source package in Oneiric:
Invalid
Status in “seamonkey” source package in Oneiric:
Confirmed
Status in “thunderbird” source package in Oneiric:
In Progress
Status in “xulrunner-1.9.2” source package in Oneiric:
Invalid
Status in “ca-certificates” package in Debian:
Fix Released
Bug description:
NOTE: The Firefox update causes a regression for certain Dutch sites which is
being tracked in Bug #838322.
NOTE #2: The current update for Thunderbird still shows the DigiNotar Root CA
as trusted in the certificate manager. This is due to Thunderbird using the
system version of NSS. In this initial update, Thunderbird will actively
distrust any certificate signed by the DigiNotar Root CA. Future updates will
properly show the root CA as distrusted in the certificate manager.
WORKAROUND (from blog post):
http://support.mozilla.com/en-US/kb/deleting-diginotar-ca-cert
-
http://blog.mozilla.com/security/2011/08/29/fraudulent-google-com-
certificate/
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/837557/+subscriptions
--
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 837557] Re: fraudulent DigiNotar certificate issuance
The proposed workaround is only for Firefox. What about other applications that may access Google services on a Ubuntu system? Can we simply sudo rm /etc/ssl/certs/DigiNotar_Root_CA.pem ? -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to thunderbird in Ubuntu. https://bugs.launchpad.net/bugs/837557 Title: fraudulent DigiNotar certificate issuance Status in “ca-certificates” package in Ubuntu: New Status in “firefox” package in Ubuntu: Fix Released Status in “nss” package in Ubuntu: New Status in “qt4-x11” package in Ubuntu: New Status in “thunderbird” package in Ubuntu: In Progress Status in “xulrunner-1.9.2” package in Ubuntu: Invalid Status in “ca-certificates” source package in Lucid: New Status in “firefox” source package in Lucid: Fix Released Status in “nss” source package in Lucid: New Status in “qt4-x11” source package in Lucid: New Status in “thunderbird” source package in Lucid: In Progress Status in “xulrunner-1.9.2” source package in Lucid: Fix Released Status in “ca-certificates” source package in Maverick: In Progress Status in “firefox” source package in Maverick: Fix Released Status in “nss” source package in Maverick: New Status in “qt4-x11” source package in Maverick: New Status in “thunderbird” source package in Maverick: In Progress Status in “xulrunner-1.9.2” source package in Maverick: Fix Released Status in “ca-certificates” source package in Natty: In Progress Status in “firefox” source package in Natty: Fix Released Status in “nss” source package in Natty: New Status in “qt4-x11” source package in Natty: New Status in “thunderbird” source package in Natty: In Progress Status in “xulrunner-1.9.2” source package in Natty: Triaged Status in “ca-certificates” source package in Oneiric: New Status in “firefox” source package in Oneiric: Fix Released Status in “nss” source package in Oneiric: New Status in “qt4-x11” source package in Oneiric: New Status in “thunderbird” source package in Oneiric: In Progress Status in “xulrunner-1.9.2” source package in Oneiric: Invalid Bug description: WORKAROUND (from blog post): http://support.mozilla.com/en-US/kb/deleting-diginotar-ca-cert - http://blog.mozilla.com/security/2011/08/29/fraudulent-google-com- certificate/ To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/837557/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 837557] Re: fraudulent DigiNotar certificate issuance
debian has released ca-certificates version 20110502+nmu1 that fix this ** Bug watch added: Debian Bug tracker #639744 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=639744 ** Also affects: ca-certificates (Debian) via http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=639744 Importance: Unknown Status: Unknown -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to thunderbird in Ubuntu. https://bugs.launchpad.net/bugs/837557 Title: fraudulent DigiNotar certificate issuance Status in “ca-certificates” package in Ubuntu: New Status in “firefox” package in Ubuntu: Fix Released Status in “nss” package in Ubuntu: New Status in “qt4-x11” package in Ubuntu: New Status in “thunderbird” package in Ubuntu: In Progress Status in “xulrunner-1.9.2” package in Ubuntu: Invalid Status in “ca-certificates” source package in Lucid: New Status in “firefox” source package in Lucid: Fix Released Status in “nss” source package in Lucid: New Status in “qt4-x11” source package in Lucid: New Status in “thunderbird” source package in Lucid: In Progress Status in “xulrunner-1.9.2” source package in Lucid: Fix Released Status in “ca-certificates” source package in Maverick: In Progress Status in “firefox” source package in Maverick: Fix Released Status in “nss” source package in Maverick: New Status in “qt4-x11” source package in Maverick: New Status in “thunderbird” source package in Maverick: In Progress Status in “xulrunner-1.9.2” source package in Maverick: Fix Released Status in “ca-certificates” source package in Natty: In Progress Status in “firefox” source package in Natty: Fix Released Status in “nss” source package in Natty: New Status in “qt4-x11” source package in Natty: New Status in “thunderbird” source package in Natty: In Progress Status in “xulrunner-1.9.2” source package in Natty: Triaged Status in “ca-certificates” source package in Oneiric: New Status in “firefox” source package in Oneiric: Fix Released Status in “nss” source package in Oneiric: New Status in “qt4-x11” source package in Oneiric: New Status in “thunderbird” source package in Oneiric: In Progress Status in “xulrunner-1.9.2” source package in Oneiric: Invalid Status in “ca-certificates” package in Debian: Unknown Bug description: WORKAROUND (from blog post): http://support.mozilla.com/en-US/kb/deleting-diginotar-ca-cert - http://blog.mozilla.com/security/2011/08/29/fraudulent-google-com- certificate/ To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/837557/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 837557] Re: fraudulent DigiNotar certificate issuance
** Changed in: ca-certificates (Debian) Status: Unknown = Fix Released -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to thunderbird in Ubuntu. https://bugs.launchpad.net/bugs/837557 Title: fraudulent DigiNotar certificate issuance Status in “ca-certificates” package in Ubuntu: New Status in “firefox” package in Ubuntu: Fix Released Status in “nss” package in Ubuntu: New Status in “qt4-x11” package in Ubuntu: New Status in “thunderbird” package in Ubuntu: In Progress Status in “xulrunner-1.9.2” package in Ubuntu: Invalid Status in “ca-certificates” source package in Lucid: New Status in “firefox” source package in Lucid: Fix Released Status in “nss” source package in Lucid: New Status in “qt4-x11” source package in Lucid: New Status in “thunderbird” source package in Lucid: In Progress Status in “xulrunner-1.9.2” source package in Lucid: Fix Released Status in “ca-certificates” source package in Maverick: In Progress Status in “firefox” source package in Maverick: Fix Released Status in “nss” source package in Maverick: New Status in “qt4-x11” source package in Maverick: New Status in “thunderbird” source package in Maverick: In Progress Status in “xulrunner-1.9.2” source package in Maverick: Fix Released Status in “ca-certificates” source package in Natty: In Progress Status in “firefox” source package in Natty: Fix Released Status in “nss” source package in Natty: New Status in “qt4-x11” source package in Natty: New Status in “thunderbird” source package in Natty: In Progress Status in “xulrunner-1.9.2” source package in Natty: Triaged Status in “ca-certificates” source package in Oneiric: New Status in “firefox” source package in Oneiric: Fix Released Status in “nss” source package in Oneiric: New Status in “qt4-x11” source package in Oneiric: New Status in “thunderbird” source package in Oneiric: In Progress Status in “xulrunner-1.9.2” source package in Oneiric: Invalid Status in “ca-certificates” package in Debian: Fix Released Bug description: WORKAROUND (from blog post): http://support.mozilla.com/en-US/kb/deleting-diginotar-ca-cert - http://blog.mozilla.com/security/2011/08/29/fraudulent-google-com- certificate/ To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/837557/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 837557] Re: fraudulent DigiNotar certificate issuance
** Also affects: seamonkey (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to thunderbird in Ubuntu. https://bugs.launchpad.net/bugs/837557 Title: fraudulent DigiNotar certificate issuance Status in “ca-certificates” package in Ubuntu: Fix Released Status in “firefox” package in Ubuntu: Fix Released Status in “nss” package in Ubuntu: Confirmed Status in “qt4-x11” package in Ubuntu: Invalid Status in “seamonkey” package in Ubuntu: New Status in “thunderbird” package in Ubuntu: In Progress Status in “xulrunner-1.9.2” package in Ubuntu: Invalid Status in “ca-certificates” source package in Lucid: In Progress Status in “firefox” source package in Lucid: Fix Released Status in “nss” source package in Lucid: Confirmed Status in “qt4-x11” source package in Lucid: Confirmed Status in “seamonkey” source package in Lucid: New Status in “thunderbird” source package in Lucid: In Progress Status in “xulrunner-1.9.2” source package in Lucid: Fix Released Status in “ca-certificates” source package in Maverick: In Progress Status in “firefox” source package in Maverick: Fix Released Status in “nss” source package in Maverick: Confirmed Status in “qt4-x11” source package in Maverick: Invalid Status in “seamonkey” source package in Maverick: New Status in “thunderbird” source package in Maverick: In Progress Status in “xulrunner-1.9.2” source package in Maverick: Fix Released Status in “ca-certificates” source package in Natty: In Progress Status in “firefox” source package in Natty: Fix Released Status in “nss” source package in Natty: Confirmed Status in “qt4-x11” source package in Natty: Invalid Status in “seamonkey” source package in Natty: New Status in “thunderbird” source package in Natty: In Progress Status in “xulrunner-1.9.2” source package in Natty: Triaged Status in “ca-certificates” source package in Oneiric: Fix Released Status in “firefox” source package in Oneiric: Fix Released Status in “nss” source package in Oneiric: Confirmed Status in “qt4-x11” source package in Oneiric: Invalid Status in “seamonkey” source package in Oneiric: New Status in “thunderbird” source package in Oneiric: In Progress Status in “xulrunner-1.9.2” source package in Oneiric: Invalid Status in “ca-certificates” package in Debian: Fix Released Bug description: NOTE: The Firefox update causes a regression for certain Dutch sites which is being tracked in Bug #838322. WORKAROUND (from blog post): http://support.mozilla.com/en-US/kb/deleting-diginotar-ca-cert - http://blog.mozilla.com/security/2011/08/29/fraudulent-google-com- certificate/ To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/837557/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 837557] Re: fraudulent DigiNotar certificate issuance
** Changed in: nss (Ubuntu Lucid) Status: Confirmed = In Progress ** Changed in: nss (Ubuntu Maverick) Status: Confirmed = In Progress ** Changed in: nss (Ubuntu Natty) Status: Confirmed = In Progress ** Changed in: seamonkey (Ubuntu Lucid) Status: New = Confirmed ** Changed in: seamonkey (Ubuntu Maverick) Status: New = Confirmed ** Changed in: seamonkey (Ubuntu Natty) Status: New = Confirmed ** Changed in: seamonkey (Ubuntu Oneiric) Status: New = Confirmed -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to thunderbird in Ubuntu. https://bugs.launchpad.net/bugs/837557 Title: fraudulent DigiNotar certificate issuance Status in “ca-certificates” package in Ubuntu: Fix Released Status in “firefox” package in Ubuntu: Fix Released Status in “nss” package in Ubuntu: Confirmed Status in “qt4-x11” package in Ubuntu: Invalid Status in “seamonkey” package in Ubuntu: Confirmed Status in “thunderbird” package in Ubuntu: In Progress Status in “xulrunner-1.9.2” package in Ubuntu: Invalid Status in “ca-certificates” source package in Lucid: Fix Committed Status in “firefox” source package in Lucid: Fix Released Status in “nss” source package in Lucid: In Progress Status in “qt4-x11” source package in Lucid: Confirmed Status in “seamonkey” source package in Lucid: Confirmed Status in “thunderbird” source package in Lucid: In Progress Status in “xulrunner-1.9.2” source package in Lucid: Fix Released Status in “ca-certificates” source package in Maverick: Fix Committed Status in “firefox” source package in Maverick: Fix Released Status in “nss” source package in Maverick: In Progress Status in “qt4-x11” source package in Maverick: Invalid Status in “seamonkey” source package in Maverick: Confirmed Status in “thunderbird” source package in Maverick: In Progress Status in “xulrunner-1.9.2” source package in Maverick: Fix Released Status in “ca-certificates” source package in Natty: Fix Committed Status in “firefox” source package in Natty: Fix Released Status in “nss” source package in Natty: In Progress Status in “qt4-x11” source package in Natty: Invalid Status in “seamonkey” source package in Natty: Confirmed Status in “thunderbird” source package in Natty: In Progress Status in “xulrunner-1.9.2” source package in Natty: Triaged Status in “ca-certificates” source package in Oneiric: Fix Released Status in “firefox” source package in Oneiric: Fix Released Status in “nss” source package in Oneiric: Confirmed Status in “qt4-x11” source package in Oneiric: Invalid Status in “seamonkey” source package in Oneiric: Confirmed Status in “thunderbird” source package in Oneiric: In Progress Status in “xulrunner-1.9.2” source package in Oneiric: Invalid Status in “ca-certificates” package in Debian: Fix Released Bug description: NOTE: The Firefox update causes a regression for certain Dutch sites which is being tracked in Bug #838322. WORKAROUND (from blog post): http://support.mozilla.com/en-US/kb/deleting-diginotar-ca-cert - http://blog.mozilla.com/security/2011/08/29/fraudulent-google-com- certificate/ To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/837557/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 837557] Re: fraudulent DigiNotar certificate issuance
** Also affects: chromium-browser (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to thunderbird in Ubuntu. https://bugs.launchpad.net/bugs/837557 Title: fraudulent DigiNotar certificate issuance Status in “ca-certificates” package in Ubuntu: Fix Released Status in “chromium-browser” package in Ubuntu: New Status in “firefox” package in Ubuntu: Fix Released Status in “nss” package in Ubuntu: Confirmed Status in “qt4-x11” package in Ubuntu: Invalid Status in “seamonkey” package in Ubuntu: Confirmed Status in “thunderbird” package in Ubuntu: In Progress Status in “xulrunner-1.9.2” package in Ubuntu: Invalid Status in “ca-certificates” source package in Lucid: Fix Committed Status in “chromium-browser” source package in Lucid: New Status in “firefox” source package in Lucid: Fix Released Status in “nss” source package in Lucid: In Progress Status in “qt4-x11” source package in Lucid: Confirmed Status in “seamonkey” source package in Lucid: Confirmed Status in “thunderbird” source package in Lucid: In Progress Status in “xulrunner-1.9.2” source package in Lucid: Fix Released Status in “ca-certificates” source package in Maverick: Fix Committed Status in “chromium-browser” source package in Maverick: New Status in “firefox” source package in Maverick: Fix Released Status in “nss” source package in Maverick: In Progress Status in “qt4-x11” source package in Maverick: Invalid Status in “seamonkey” source package in Maverick: Confirmed Status in “thunderbird” source package in Maverick: In Progress Status in “xulrunner-1.9.2” source package in Maverick: Fix Released Status in “ca-certificates” source package in Natty: Fix Committed Status in “chromium-browser” source package in Natty: New Status in “firefox” source package in Natty: Fix Released Status in “nss” source package in Natty: In Progress Status in “qt4-x11” source package in Natty: Invalid Status in “seamonkey” source package in Natty: Confirmed Status in “thunderbird” source package in Natty: In Progress Status in “xulrunner-1.9.2” source package in Natty: Triaged Status in “ca-certificates” source package in Oneiric: Fix Released Status in “chromium-browser” source package in Oneiric: New Status in “firefox” source package in Oneiric: Fix Released Status in “nss” source package in Oneiric: Confirmed Status in “qt4-x11” source package in Oneiric: Invalid Status in “seamonkey” source package in Oneiric: Confirmed Status in “thunderbird” source package in Oneiric: In Progress Status in “xulrunner-1.9.2” source package in Oneiric: Invalid Status in “ca-certificates” package in Debian: Fix Released Bug description: NOTE: The Firefox update causes a regression for certain Dutch sites which is being tracked in Bug #838322. WORKAROUND (from blog post): http://support.mozilla.com/en-US/kb/deleting-diginotar-ca-cert - http://blog.mozilla.com/security/2011/08/29/fraudulent-google-com- certificate/ To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/837557/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 837557] Re: fraudulent DigiNotar certificate issuance
** Changed in: chromium-browser (Ubuntu) Status: New = Confirmed ** Changed in: chromium-browser (Ubuntu Lucid) Status: New = Confirmed ** Changed in: chromium-browser (Ubuntu Maverick) Status: New = Confirmed ** Changed in: chromium-browser (Ubuntu Natty) Status: New = Confirmed -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to thunderbird in Ubuntu. https://bugs.launchpad.net/bugs/837557 Title: fraudulent DigiNotar certificate issuance Status in “ca-certificates” package in Ubuntu: Fix Released Status in “chromium-browser” package in Ubuntu: Confirmed Status in “firefox” package in Ubuntu: Fix Released Status in “nss” package in Ubuntu: Confirmed Status in “qt4-x11” package in Ubuntu: Invalid Status in “seamonkey” package in Ubuntu: Confirmed Status in “thunderbird” package in Ubuntu: In Progress Status in “xulrunner-1.9.2” package in Ubuntu: Invalid Status in “ca-certificates” source package in Lucid: Fix Committed Status in “chromium-browser” source package in Lucid: Confirmed Status in “firefox” source package in Lucid: Fix Released Status in “nss” source package in Lucid: In Progress Status in “qt4-x11” source package in Lucid: Confirmed Status in “seamonkey” source package in Lucid: Confirmed Status in “thunderbird” source package in Lucid: In Progress Status in “xulrunner-1.9.2” source package in Lucid: Fix Released Status in “ca-certificates” source package in Maverick: Fix Committed Status in “chromium-browser” source package in Maverick: Confirmed Status in “firefox” source package in Maverick: Fix Released Status in “nss” source package in Maverick: In Progress Status in “qt4-x11” source package in Maverick: Invalid Status in “seamonkey” source package in Maverick: Confirmed Status in “thunderbird” source package in Maverick: In Progress Status in “xulrunner-1.9.2” source package in Maverick: Fix Released Status in “ca-certificates” source package in Natty: Fix Committed Status in “chromium-browser” source package in Natty: Confirmed Status in “firefox” source package in Natty: Fix Released Status in “nss” source package in Natty: In Progress Status in “qt4-x11” source package in Natty: Invalid Status in “seamonkey” source package in Natty: Confirmed Status in “thunderbird” source package in Natty: In Progress Status in “xulrunner-1.9.2” source package in Natty: Triaged Status in “ca-certificates” source package in Oneiric: Fix Released Status in “chromium-browser” source package in Oneiric: Confirmed Status in “firefox” source package in Oneiric: Fix Released Status in “nss” source package in Oneiric: Confirmed Status in “qt4-x11” source package in Oneiric: Invalid Status in “seamonkey” source package in Oneiric: Confirmed Status in “thunderbird” source package in Oneiric: In Progress Status in “xulrunner-1.9.2” source package in Oneiric: Invalid Status in “ca-certificates” package in Debian: Fix Released Bug description: NOTE: The Firefox update causes a regression for certain Dutch sites which is being tracked in Bug #838322. WORKAROUND (from blog post): http://support.mozilla.com/en-US/kb/deleting-diginotar-ca-cert - http://blog.mozilla.com/security/2011/08/29/fraudulent-google-com- certificate/ To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/837557/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 837557] Re: fraudulent DigiNotar certificate issuance
UPDATE: Unfortunately, the ca-certificates and NSS fixes available at the moment are only a partial fix that won't actually help very much. I'm currently waiting on fixes that should address this issue completely. I will be releasing Thunderbird in a few hours with the same fix that Firefox got which blocks the rogue certificates, but possibly causes a regression for certain Dutch sites (see Description of this bug). -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to thunderbird in Ubuntu. https://bugs.launchpad.net/bugs/837557 Title: fraudulent DigiNotar certificate issuance Status in “ca-certificates” package in Ubuntu: Fix Released Status in “chromium-browser” package in Ubuntu: Confirmed Status in “firefox” package in Ubuntu: Fix Released Status in “nss” package in Ubuntu: Confirmed Status in “qt4-x11” package in Ubuntu: Invalid Status in “seamonkey” package in Ubuntu: Confirmed Status in “thunderbird” package in Ubuntu: In Progress Status in “xulrunner-1.9.2” package in Ubuntu: Invalid Status in “ca-certificates” source package in Lucid: Fix Committed Status in “chromium-browser” source package in Lucid: Confirmed Status in “firefox” source package in Lucid: Fix Released Status in “nss” source package in Lucid: In Progress Status in “qt4-x11” source package in Lucid: Confirmed Status in “seamonkey” source package in Lucid: Confirmed Status in “thunderbird” source package in Lucid: In Progress Status in “xulrunner-1.9.2” source package in Lucid: Fix Released Status in “ca-certificates” source package in Maverick: Fix Committed Status in “chromium-browser” source package in Maverick: Confirmed Status in “firefox” source package in Maverick: Fix Released Status in “nss” source package in Maverick: In Progress Status in “qt4-x11” source package in Maverick: Invalid Status in “seamonkey” source package in Maverick: Confirmed Status in “thunderbird” source package in Maverick: In Progress Status in “xulrunner-1.9.2” source package in Maverick: Fix Released Status in “ca-certificates” source package in Natty: Fix Committed Status in “chromium-browser” source package in Natty: Confirmed Status in “firefox” source package in Natty: Fix Released Status in “nss” source package in Natty: In Progress Status in “qt4-x11” source package in Natty: Invalid Status in “seamonkey” source package in Natty: Confirmed Status in “thunderbird” source package in Natty: In Progress Status in “xulrunner-1.9.2” source package in Natty: Triaged Status in “ca-certificates” source package in Oneiric: Fix Released Status in “chromium-browser” source package in Oneiric: Confirmed Status in “firefox” source package in Oneiric: Fix Released Status in “nss” source package in Oneiric: Confirmed Status in “qt4-x11” source package in Oneiric: Invalid Status in “seamonkey” source package in Oneiric: Confirmed Status in “thunderbird” source package in Oneiric: In Progress Status in “xulrunner-1.9.2” source package in Oneiric: Invalid Status in “ca-certificates” package in Debian: Fix Released Bug description: NOTE: The Firefox update causes a regression for certain Dutch sites which is being tracked in Bug #838322. WORKAROUND (from blog post): http://support.mozilla.com/en-US/kb/deleting-diginotar-ca-cert - http://blog.mozilla.com/security/2011/08/29/fraudulent-google-com- certificate/ To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/837557/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 837557] Re: fraudulent DigiNotar certificate issuance
This bug was fixed in the package thunderbird - 3.1.13+build1+nobinonly- 0ubuntu0.10.10.1 --- thunderbird (3.1.13+build1+nobinonly-0ubuntu0.10.10.1) maverick-security; urgency=low * New upstream release v3.1.13 (THUNDERBIRD_3_1_13_BUILD1) - Distrust and disable DigiNotar Root CA due to fraudulent certificate issuance (LP: #837557) -- Micah Gersten mic...@ubuntu.com Wed, 31 Aug 2011 00:42:12 -0500 ** Changed in: thunderbird (Ubuntu Maverick) Status: In Progress = Fix Released ** Changed in: thunderbird (Ubuntu Natty) Status: In Progress = Fix Released -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to thunderbird in Ubuntu. https://bugs.launchpad.net/bugs/837557 Title: fraudulent DigiNotar certificate issuance Status in “ca-certificates” package in Ubuntu: Fix Released Status in “chromium-browser” package in Ubuntu: Confirmed Status in “firefox” package in Ubuntu: Fix Released Status in “nss” package in Ubuntu: Confirmed Status in “qt4-x11” package in Ubuntu: Invalid Status in “seamonkey” package in Ubuntu: Confirmed Status in “thunderbird” package in Ubuntu: In Progress Status in “xulrunner-1.9.2” package in Ubuntu: Invalid Status in “ca-certificates” source package in Lucid: Fix Committed Status in “chromium-browser” source package in Lucid: Confirmed Status in “firefox” source package in Lucid: Fix Released Status in “nss” source package in Lucid: In Progress Status in “qt4-x11” source package in Lucid: Confirmed Status in “seamonkey” source package in Lucid: Confirmed Status in “thunderbird” source package in Lucid: In Progress Status in “xulrunner-1.9.2” source package in Lucid: Fix Released Status in “ca-certificates” source package in Maverick: Fix Committed Status in “chromium-browser” source package in Maverick: Confirmed Status in “firefox” source package in Maverick: Fix Released Status in “nss” source package in Maverick: In Progress Status in “qt4-x11” source package in Maverick: Invalid Status in “seamonkey” source package in Maverick: Confirmed Status in “thunderbird” source package in Maverick: Fix Released Status in “xulrunner-1.9.2” source package in Maverick: Fix Released Status in “ca-certificates” source package in Natty: Fix Committed Status in “chromium-browser” source package in Natty: Confirmed Status in “firefox” source package in Natty: Fix Released Status in “nss” source package in Natty: In Progress Status in “qt4-x11” source package in Natty: Invalid Status in “seamonkey” source package in Natty: Confirmed Status in “thunderbird” source package in Natty: Fix Released Status in “xulrunner-1.9.2” source package in Natty: Triaged Status in “ca-certificates” source package in Oneiric: Fix Released Status in “chromium-browser” source package in Oneiric: Confirmed Status in “firefox” source package in Oneiric: Fix Released Status in “nss” source package in Oneiric: Confirmed Status in “qt4-x11” source package in Oneiric: Invalid Status in “seamonkey” source package in Oneiric: Confirmed Status in “thunderbird” source package in Oneiric: In Progress Status in “xulrunner-1.9.2” source package in Oneiric: Invalid Status in “ca-certificates” package in Debian: Fix Released Bug description: NOTE: The Firefox update causes a regression for certain Dutch sites which is being tracked in Bug #838322. WORKAROUND (from blog post): http://support.mozilla.com/en-US/kb/deleting-diginotar-ca-cert - http://blog.mozilla.com/security/2011/08/29/fraudulent-google-com- certificate/ To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/837557/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 837557] Re: fraudulent DigiNotar certificate issuance
This bug was fixed in the package thunderbird - 3.1.13+build1+nobinonly- 0ubuntu0.11.04.1 --- thunderbird (3.1.13+build1+nobinonly-0ubuntu0.11.04.1) natty-security; urgency=low * New upstream release v3.1.13 (THUNDERBIRD_3_1_13_BUILD1) - Distrust and disable DigiNotar Root CA due to fraudulent certificate issuance (LP: #837557) -- Micah Gersten mic...@ubuntu.com Wed, 31 Aug 2011 00:43:28 -0500 -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to thunderbird in Ubuntu. https://bugs.launchpad.net/bugs/837557 Title: fraudulent DigiNotar certificate issuance Status in “ca-certificates” package in Ubuntu: Fix Released Status in “chromium-browser” package in Ubuntu: Confirmed Status in “firefox” package in Ubuntu: Fix Released Status in “nss” package in Ubuntu: Confirmed Status in “qt4-x11” package in Ubuntu: Invalid Status in “seamonkey” package in Ubuntu: Confirmed Status in “thunderbird” package in Ubuntu: In Progress Status in “xulrunner-1.9.2” package in Ubuntu: Invalid Status in “ca-certificates” source package in Lucid: Fix Committed Status in “chromium-browser” source package in Lucid: Confirmed Status in “firefox” source package in Lucid: Fix Released Status in “nss” source package in Lucid: In Progress Status in “qt4-x11” source package in Lucid: Confirmed Status in “seamonkey” source package in Lucid: Confirmed Status in “thunderbird” source package in Lucid: In Progress Status in “xulrunner-1.9.2” source package in Lucid: Fix Released Status in “ca-certificates” source package in Maverick: Fix Committed Status in “chromium-browser” source package in Maverick: Confirmed Status in “firefox” source package in Maverick: Fix Released Status in “nss” source package in Maverick: In Progress Status in “qt4-x11” source package in Maverick: Invalid Status in “seamonkey” source package in Maverick: Confirmed Status in “thunderbird” source package in Maverick: Fix Released Status in “xulrunner-1.9.2” source package in Maverick: Fix Released Status in “ca-certificates” source package in Natty: Fix Committed Status in “chromium-browser” source package in Natty: Confirmed Status in “firefox” source package in Natty: Fix Released Status in “nss” source package in Natty: In Progress Status in “qt4-x11” source package in Natty: Invalid Status in “seamonkey” source package in Natty: Confirmed Status in “thunderbird” source package in Natty: Fix Released Status in “xulrunner-1.9.2” source package in Natty: Triaged Status in “ca-certificates” source package in Oneiric: Fix Released Status in “chromium-browser” source package in Oneiric: Confirmed Status in “firefox” source package in Oneiric: Fix Released Status in “nss” source package in Oneiric: Confirmed Status in “qt4-x11” source package in Oneiric: Invalid Status in “seamonkey” source package in Oneiric: Confirmed Status in “thunderbird” source package in Oneiric: In Progress Status in “xulrunner-1.9.2” source package in Oneiric: Invalid Status in “ca-certificates” package in Debian: Fix Released Bug description: NOTE: The Firefox update causes a regression for certain Dutch sites which is being tracked in Bug #838322. WORKAROUND (from blog post): http://support.mozilla.com/en-US/kb/deleting-diginotar-ca-cert - http://blog.mozilla.com/security/2011/08/29/fraudulent-google-com- certificate/ To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/837557/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 837557] Re: fraudulent DigiNotar certificate issuance
This bug was fixed in the package thunderbird - 3.1.13+build1+nobinonly- 0ubuntu0.10.04.1 --- thunderbird (3.1.13+build1+nobinonly-0ubuntu0.10.04.1) lucid-security; urgency=low * New upstream release v3.1.13 (THUNDERBIRD_3_1_13_BUILD1) - Distrust and disable DigiNotar Root CA due to fraudulent certificate issuance (LP: #837557) -- Micah Gersten mic...@ubuntu.com Wed, 31 Aug 2011 00:30:47 -0500 ** Changed in: thunderbird (Ubuntu Lucid) Status: In Progress = Fix Released -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to thunderbird in Ubuntu. https://bugs.launchpad.net/bugs/837557 Title: fraudulent DigiNotar certificate issuance Status in “ca-certificates” package in Ubuntu: Fix Released Status in “chromium-browser” package in Ubuntu: Confirmed Status in “firefox” package in Ubuntu: Fix Released Status in “nss” package in Ubuntu: Confirmed Status in “qt4-x11” package in Ubuntu: Invalid Status in “seamonkey” package in Ubuntu: Confirmed Status in “thunderbird” package in Ubuntu: In Progress Status in “xulrunner-1.9.2” package in Ubuntu: Invalid Status in “ca-certificates” source package in Lucid: Fix Committed Status in “chromium-browser” source package in Lucid: Confirmed Status in “firefox” source package in Lucid: Fix Released Status in “nss” source package in Lucid: In Progress Status in “qt4-x11” source package in Lucid: Confirmed Status in “seamonkey” source package in Lucid: Confirmed Status in “thunderbird” source package in Lucid: Fix Released Status in “xulrunner-1.9.2” source package in Lucid: Fix Released Status in “ca-certificates” source package in Maverick: Fix Committed Status in “chromium-browser” source package in Maverick: Confirmed Status in “firefox” source package in Maverick: Fix Released Status in “nss” source package in Maverick: In Progress Status in “qt4-x11” source package in Maverick: Invalid Status in “seamonkey” source package in Maverick: Confirmed Status in “thunderbird” source package in Maverick: Fix Released Status in “xulrunner-1.9.2” source package in Maverick: Fix Released Status in “ca-certificates” source package in Natty: Fix Committed Status in “chromium-browser” source package in Natty: Confirmed Status in “firefox” source package in Natty: Fix Released Status in “nss” source package in Natty: In Progress Status in “qt4-x11” source package in Natty: Invalid Status in “seamonkey” source package in Natty: Confirmed Status in “thunderbird” source package in Natty: Fix Released Status in “xulrunner-1.9.2” source package in Natty: Triaged Status in “ca-certificates” source package in Oneiric: Fix Released Status in “chromium-browser” source package in Oneiric: Confirmed Status in “firefox” source package in Oneiric: Fix Released Status in “nss” source package in Oneiric: Confirmed Status in “qt4-x11” source package in Oneiric: Invalid Status in “seamonkey” source package in Oneiric: Confirmed Status in “thunderbird” source package in Oneiric: In Progress Status in “xulrunner-1.9.2” source package in Oneiric: Invalid Status in “ca-certificates” package in Debian: Fix Released Bug description: NOTE: The Firefox update causes a regression for certain Dutch sites which is being tracked in Bug #838322. WORKAROUND (from blog post): http://support.mozilla.com/en-US/kb/deleting-diginotar-ca-cert - http://blog.mozilla.com/security/2011/08/29/fraudulent-google-com- certificate/ To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/837557/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 837557] Re: fraudulent DigiNotar certificate issuance
** Summary changed: - Fraudulent *.google.com Certificate + fraudulent DigiNotar certificate issuance -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to thunderbird in Ubuntu. https://bugs.launchpad.net/bugs/837557 Title: fraudulent DigiNotar certificate issuance Status in “ca-certificates” package in Ubuntu: New Status in “firefox” package in Ubuntu: Fix Released Status in “thunderbird” package in Ubuntu: In Progress Status in “xulrunner-1.9.2” package in Ubuntu: Invalid Status in “ca-certificates” source package in Lucid: New Status in “firefox” source package in Lucid: Fix Released Status in “thunderbird” source package in Lucid: In Progress Status in “xulrunner-1.9.2” source package in Lucid: Fix Released Status in “ca-certificates” source package in Maverick: New Status in “firefox” source package in Maverick: Fix Released Status in “thunderbird” source package in Maverick: In Progress Status in “xulrunner-1.9.2” source package in Maverick: Fix Released Status in “ca-certificates” source package in Natty: New Status in “firefox” source package in Natty: Fix Released Status in “thunderbird” source package in Natty: In Progress Status in “xulrunner-1.9.2” source package in Natty: Triaged Status in “ca-certificates” source package in Oneiric: New Status in “firefox” source package in Oneiric: Fix Released Status in “thunderbird” source package in Oneiric: In Progress Status in “xulrunner-1.9.2” source package in Oneiric: Invalid Bug description: WORKAROUND (from blog post): http://support.mozilla.com/en-US/kb/deleting-diginotar-ca-cert - http://blog.mozilla.com/security/2011/08/29/fraudulent-google-com- certificate/ To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/837557/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 837557] Re: fraudulent DigiNotar certificate issuance
** Also affects: ca-certificates (Ubuntu) Importance: Undecided Status: New ** Also affects: nss (Ubuntu) Importance: Undecided Status: New ** Also affects: qt4-x11 (Ubuntu) Importance: Undecided Status: New ** Changed in: ca-certificates (Ubuntu Natty) Importance: Undecided = Medium ** Changed in: ca-certificates (Ubuntu Natty) Status: New = In Progress ** Changed in: ca-certificates (Ubuntu Natty) Assignee: (unassigned) = Micah Gersten (micahg) -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to thunderbird in Ubuntu. https://bugs.launchpad.net/bugs/837557 Title: fraudulent DigiNotar certificate issuance Status in “ca-certificates” package in Ubuntu: New Status in “firefox” package in Ubuntu: Fix Released Status in “nss” package in Ubuntu: New Status in “qt4-x11” package in Ubuntu: New Status in “thunderbird” package in Ubuntu: In Progress Status in “xulrunner-1.9.2” package in Ubuntu: Invalid Status in “ca-certificates” source package in Lucid: New Status in “firefox” source package in Lucid: Fix Released Status in “nss” source package in Lucid: New Status in “qt4-x11” source package in Lucid: New Status in “thunderbird” source package in Lucid: In Progress Status in “xulrunner-1.9.2” source package in Lucid: Fix Released Status in “ca-certificates” source package in Maverick: In Progress Status in “firefox” source package in Maverick: Fix Released Status in “nss” source package in Maverick: New Status in “qt4-x11” source package in Maverick: New Status in “thunderbird” source package in Maverick: In Progress Status in “xulrunner-1.9.2” source package in Maverick: Fix Released Status in “ca-certificates” source package in Natty: In Progress Status in “firefox” source package in Natty: Fix Released Status in “nss” source package in Natty: New Status in “qt4-x11” source package in Natty: New Status in “thunderbird” source package in Natty: In Progress Status in “xulrunner-1.9.2” source package in Natty: Triaged Status in “ca-certificates” source package in Oneiric: New Status in “firefox” source package in Oneiric: Fix Released Status in “nss” source package in Oneiric: New Status in “qt4-x11” source package in Oneiric: New Status in “thunderbird” source package in Oneiric: In Progress Status in “xulrunner-1.9.2” source package in Oneiric: Invalid Bug description: WORKAROUND (from blog post): http://support.mozilla.com/en-US/kb/deleting-diginotar-ca-cert - http://blog.mozilla.com/security/2011/08/29/fraudulent-google-com- certificate/ To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/837557/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 837557] Re: fraudulent DigiNotar certificate issuance
** Changed in: ca-certificates (Ubuntu Maverick) Importance: Undecided = Medium ** Changed in: ca-certificates (Ubuntu Maverick) Status: New = In Progress ** Changed in: ca-certificates (Ubuntu Maverick) Assignee: (unassigned) = Micah Gersten (micahg) -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to thunderbird in Ubuntu. https://bugs.launchpad.net/bugs/837557 Title: fraudulent DigiNotar certificate issuance Status in “ca-certificates” package in Ubuntu: New Status in “firefox” package in Ubuntu: Fix Released Status in “nss” package in Ubuntu: New Status in “qt4-x11” package in Ubuntu: New Status in “thunderbird” package in Ubuntu: In Progress Status in “xulrunner-1.9.2” package in Ubuntu: Invalid Status in “ca-certificates” source package in Lucid: New Status in “firefox” source package in Lucid: Fix Released Status in “nss” source package in Lucid: New Status in “qt4-x11” source package in Lucid: New Status in “thunderbird” source package in Lucid: In Progress Status in “xulrunner-1.9.2” source package in Lucid: Fix Released Status in “ca-certificates” source package in Maverick: In Progress Status in “firefox” source package in Maverick: Fix Released Status in “nss” source package in Maverick: New Status in “qt4-x11” source package in Maverick: New Status in “thunderbird” source package in Maverick: In Progress Status in “xulrunner-1.9.2” source package in Maverick: Fix Released Status in “ca-certificates” source package in Natty: In Progress Status in “firefox” source package in Natty: Fix Released Status in “nss” source package in Natty: New Status in “qt4-x11” source package in Natty: New Status in “thunderbird” source package in Natty: In Progress Status in “xulrunner-1.9.2” source package in Natty: Triaged Status in “ca-certificates” source package in Oneiric: New Status in “firefox” source package in Oneiric: Fix Released Status in “nss” source package in Oneiric: New Status in “qt4-x11” source package in Oneiric: New Status in “thunderbird” source package in Oneiric: In Progress Status in “xulrunner-1.9.2” source package in Oneiric: Invalid Bug description: WORKAROUND (from blog post): http://support.mozilla.com/en-US/kb/deleting-diginotar-ca-cert - http://blog.mozilla.com/security/2011/08/29/fraudulent-google-com- certificate/ To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/837557/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 837557] Re: fraudulent DigiNotar certificate issuance
Also affects SeaMonkey (https://launchpad.net/ubuntu/+source/seamonkey). Please update SeaMonkey to version 2.3.2 so that this problem can be prevented there too. SeaMonkey version 2.3.2 erroneously identifies itself as version 2.3.1 (see https://bugzilla.mozilla.org/show_bug.cgi?id=683473). If you need to check that it's really 2.3.2 and not 2.3.1, go to https://www.diginotar.nl/ or to any other page signed by Diginotar. Version 2.3.1 will display the page without complaining whereas 2.3.2 will complain that the site is insecure. ** Bug watch added: Mozilla Bugzilla #683473 https://bugzilla.mozilla.org/show_bug.cgi?id=683473 -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to thunderbird in Ubuntu. https://bugs.launchpad.net/bugs/837557 Title: fraudulent DigiNotar certificate issuance Status in “ca-certificates” package in Ubuntu: New Status in “firefox” package in Ubuntu: Fix Released Status in “nss” package in Ubuntu: New Status in “qt4-x11” package in Ubuntu: New Status in “thunderbird” package in Ubuntu: In Progress Status in “xulrunner-1.9.2” package in Ubuntu: Invalid Status in “ca-certificates” source package in Lucid: New Status in “firefox” source package in Lucid: Fix Released Status in “nss” source package in Lucid: New Status in “qt4-x11” source package in Lucid: New Status in “thunderbird” source package in Lucid: In Progress Status in “xulrunner-1.9.2” source package in Lucid: Fix Released Status in “ca-certificates” source package in Maverick: In Progress Status in “firefox” source package in Maverick: Fix Released Status in “nss” source package in Maverick: New Status in “qt4-x11” source package in Maverick: New Status in “thunderbird” source package in Maverick: In Progress Status in “xulrunner-1.9.2” source package in Maverick: Fix Released Status in “ca-certificates” source package in Natty: In Progress Status in “firefox” source package in Natty: Fix Released Status in “nss” source package in Natty: New Status in “qt4-x11” source package in Natty: New Status in “thunderbird” source package in Natty: In Progress Status in “xulrunner-1.9.2” source package in Natty: Triaged Status in “ca-certificates” source package in Oneiric: New Status in “firefox” source package in Oneiric: Fix Released Status in “nss” source package in Oneiric: New Status in “qt4-x11” source package in Oneiric: New Status in “thunderbird” source package in Oneiric: In Progress Status in “xulrunner-1.9.2” source package in Oneiric: Invalid Bug description: WORKAROUND (from blog post): http://support.mozilla.com/en-US/kb/deleting-diginotar-ca-cert - http://blog.mozilla.com/security/2011/08/29/fraudulent-google-com- certificate/ To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/837557/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
