Hello,
Will Ubuntu hirsute be affected by this bug? For context, Network
Security Services (NSS) 3.63 and newer distrusts Symantec which will
cause failures when installing NuGet packages. As per this question,
Ubuntu contains NSS 3.63 in hirsute-proposed:
** Changed in: ca-certificates (Debian)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1913951
Title:
ca-certificates: Symantec CA blacklisted for
It's possible in certain upgrade scenarios that the certs have been
permanently blacklisted on your system.
Look at the /etc/ca-certificates.conf file to see if the following two
lines start with a "!" character:
mozilla/GeoTrust_Primary_Certification_Authority_-_G2.crt
Yes. I can confirm that the package ca-certificates 20210119~20.10.1,
make possible to restore nuget packages using "nuget restore". Although
invoking the dotnet cli, like doing "dotnet restore" yields the same
certificate error. Is it possible to solve this certificate issue once
and for all?
--
Odd. I can see that the package ca-certificates 20210119~20.10.1 is installed
on my ubuntu 20.10, but I still can't restore my nuget packages. I'm getting
the following error message:
error NU3028: Package 'Microsoft.Extensions.Configuration 3.1.10' from source
** Changed in: ca-certificates (Ubuntu Hirsute)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1913951
Title:
ca-certificates: Symantec CA blacklisted
No, GeoTrust Global CA is no longer to be used and has been removed from
the CA list as requested by DigiCert.
Please see:
https://bugzilla.mozilla.org/show_bug.cgi?id=1670769
** Bug watch added: Mozilla Bugzilla #1670769
https://bugzilla.mozilla.org/show_bug.cgi?id=1670769
--
You received
Will this issue also be fixed in Focal?
It's currently not possible to connect to Apple Push servers in Ubuntu
20.04 due to the removal of the GeoTrust Global Root which Apple returns
in their certificate chain from api.push.apple.com.
```
~cat /etc/issue
Ubuntu 20.04.2 LTS \n \l
~ apt list
The nuget restore command works again on my Ubuntu 20.10 OS, thanks for
the fix.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1913951
Title:
ca-certificates: Symantec CA blacklisted for non-TLS
This bug was fixed in the package ca-certificates - 20210119~20.10.1
---
ca-certificates (20210119~20.10.1) groovy-security; urgency=medium
* Update ca-certificates database to 20210119 (LP: #1914064):
- mozilla/{certdata.txt,nssckbi.h}: Update Mozilla certificate
It looks like the reverted blacklist will work fine for new installs of
groovy, so I'll be pushing a new version of the ca-certificates package
tomorrow with an updated bundle that will solve this issue at the same
time.
--
You received this bug notification because you are a member of Ubuntu
** Changed in: ca-certificates (Debian)
Status: Unknown => Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1913951
Title:
ca-certificates: Symantec CA blacklisted for non-TLS
Version 20210119 in hirsute-proposed fixes this issue.
The Symantec certs were never blacklisted in focal and earlier, so they
aren't affected.
This issue does affect Groovy, but even if we removed the blacklist from
the ca-certificates package, the certs will still be blacklisted because
of
You can find every details about the Nuget incident here:
https://github.com/NuGet/Announcements/issues/49#issue-795386700
** Bug watch added: github.com/NuGet/Announcements/issues #49
https://github.com/NuGet/Announcements/issues/49
--
You received this bug notification because you are a
Status changed to 'Confirmed' because the bug affects multiple users.
** Changed in: ca-certificates (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1913951
15 matches
Mail list logo
