The point of the USN-2865-1 security update was to remove support for RSA-MD5 certificates which are considered insecure and were previously accepted in GnuTLS because of a design flaw.
See the following for more information: http://lists.gnutls.org/pipermail/gnutls-devel/2015-April/007572.html http://www.ubuntu.com/usn/usn-2865-1/ Please also see the following cacert.org announcement: http://blog.cacert.org/2015/12/re-signing-root-certificate/ ** Changed in: gnutls26 (Ubuntu) Status: New => Won't Fix -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1553819 Title: Regression in trusty's gnutls26, can't connect to servers with RSA-MD5 certs (cacert) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnutls26/+bug/1553819/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
