drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Deaktivierung eines Zertifikats in nss
Name: |
Deaktivierung eines Zertifikats in nss |
|
ID: |
DSA-2300-2 |
|
Distribution: |
Debian |
|
Plattformen: |
Debian lenny, Debian sid, Debian squeeze |
|
Datum: |
Mo, 5. September 2011, 23:10 |
|
Referenzen: |
Keine Angabe |
|
Applikationen: |
NSS |
|
Originalnachricht |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
- ------------------------------------------------------------------------- Debian Security Advisory DSA-2300-2 security@debian.org http://www.debian.org/security/ Thijs Kinkhorst September 5, 2011 http://www.debian.org/security/faq - -------------------------------------------------------------------------
Package : nss Vulnerability : comprimised certificate authority Problem type : local(remote) Debian-specific: no CVE ID : not available
Several unauthorised SSL certificates have been found in the wild issued for the DigiNotar Certificate Authority, obtained through a security compromise with said company. Debian, like other software distributors, has as a precaution decided to disable the DigiNotar Root CA by default in the NSS crypto libraries.
As a result from further understanding of the incident, this update to DSA 2300 disables additional DigiNotar issuing certificates.
For the oldstable distribution (lenny), this problem has been fixed in version 3.12.3.1-0lenny6.
For the stable distribution (squeeze), this problem has been fixed in version 3.12.8-1+squeeze3.
For the unstable distribution (sid), this problem has been fixed in version 3.12.11-2.
We recommend that you upgrade your nss packages.
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: http://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux)
iQEcBAEBAgAGBQJOZS2IAAoJEOxfUAG2iX57ZUkIAKyhYPcOl5O9GLakYFxoQrWE UtP3q6Y0Of1Qw+7e+WLNnuuWL0atn8gMxebJvVIdSvwnyR2maWFfjU4nAIZW9g6r ETXuRXXOyGfZbQf8uxJZmVDwKout5kafCtbQB75hsUcSCA9T4okpaM7SQLjFULB0 45Q9tjKU/e6QE6kezKKkpj9Mm3wE3zAfL6wnD5HwBYfUN6U6K2a2T0AIBFheMtIo jzHB3/WajYQbUG1CCQwfbrPSQcvER9PsirK02n3IBywdzDdWUGAzqyyM8mBIjC4X lS/PqWifwaO62kz1OK3y6EAtgdR+NQNNKszuWgKoS6jhUMaH67NrFsoYmyXhkqo= =OP2H -----END PGP SIGNATURE-----
-- To UNSUBSCRIBE, email to debian-security-announce-REQUEST@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org Archive: http://lists.debian.org/20110905201522.6BBEA5BA3B@kinkhorst.com
|
|
|
|