This bug was fixed in the package nss - 3.12.9+ckbi-1.82-0ubuntu2.1 --------------- nss (3.12.9+ckbi-1.82-0ubuntu2.1) natty-security; urgency=low
* SECURITY UPDATE: Add patch from Debian version 3.12.11-3 rebased against 3.12.9 to remove the DigiNotar certificates and actively distrust them; Thanks to Mike Hommey from Debian for the original patch (LP: #837557) - mozilla/security/nss/lib/ckfw/builtins/certdata.*: Explicitely distrust various DigiNotar CAs: - DigiNotar Root CA - DigiNotar Services 1024 CA - DigiNotar Cyber CA - DigiNotar Cyber CA 2nd - DigiNotar PKIoverheid - DigiNotar PKIoverheid G2 - mozilla/security/nss/lib/ckfw/builtins/certdata.*: Remove DigiNotar Root CA. -- Micah Gersten <mic...@ubuntu.com> Wed, 07 Sep 2011 15:15:37 -0500 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/837557 Title: fraudulent DigiNotar certificate issuance To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/837557/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs