desktop-packages team mailing list archive
-
desktop-packages team
-
Mailing list archive
-
Message #08994
[Bug 837557] Re: fraudulent DigiNotar certificate issuance
UPDATE:
Unfortunately, the ca-certificates and NSS fixes available at the moment are only a partial fix that won't actually help very much. I'm currently waiting on fixes that should address this issue completely. I will be releasing Thunderbird in a few hours with the same fix that Firefox got which blocks the rogue certificates, but possibly causes a regression for certain Dutch sites (see Description of this bug).
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to thunderbird in Ubuntu.
https://bugs.launchpad.net/bugs/837557
Title:
fraudulent DigiNotar certificate issuance
Status in “ca-certificates” package in Ubuntu:
Fix Released
Status in “chromium-browser” package in Ubuntu:
Confirmed
Status in “firefox” package in Ubuntu:
Fix Released
Status in “nss” package in Ubuntu:
Confirmed
Status in “qt4-x11” package in Ubuntu:
Invalid
Status in “seamonkey” package in Ubuntu:
Confirmed
Status in “thunderbird” package in Ubuntu:
In Progress
Status in “xulrunner-1.9.2” package in Ubuntu:
Invalid
Status in “ca-certificates” source package in Lucid:
Fix Committed
Status in “chromium-browser” source package in Lucid:
Confirmed
Status in “firefox” source package in Lucid:
Fix Released
Status in “nss” source package in Lucid:
In Progress
Status in “qt4-x11” source package in Lucid:
Confirmed
Status in “seamonkey” source package in Lucid:
Confirmed
Status in “thunderbird” source package in Lucid:
In Progress
Status in “xulrunner-1.9.2” source package in Lucid:
Fix Released
Status in “ca-certificates” source package in Maverick:
Fix Committed
Status in “chromium-browser” source package in Maverick:
Confirmed
Status in “firefox” source package in Maverick:
Fix Released
Status in “nss” source package in Maverick:
In Progress
Status in “qt4-x11” source package in Maverick:
Invalid
Status in “seamonkey” source package in Maverick:
Confirmed
Status in “thunderbird” source package in Maverick:
In Progress
Status in “xulrunner-1.9.2” source package in Maverick:
Fix Released
Status in “ca-certificates” source package in Natty:
Fix Committed
Status in “chromium-browser” source package in Natty:
Confirmed
Status in “firefox” source package in Natty:
Fix Released
Status in “nss” source package in Natty:
In Progress
Status in “qt4-x11” source package in Natty:
Invalid
Status in “seamonkey” source package in Natty:
Confirmed
Status in “thunderbird” source package in Natty:
In Progress
Status in “xulrunner-1.9.2” source package in Natty:
Triaged
Status in “ca-certificates” source package in Oneiric:
Fix Released
Status in “chromium-browser” source package in Oneiric:
Confirmed
Status in “firefox” source package in Oneiric:
Fix Released
Status in “nss” source package in Oneiric:
Confirmed
Status in “qt4-x11” source package in Oneiric:
Invalid
Status in “seamonkey” source package in Oneiric:
Confirmed
Status in “thunderbird” source package in Oneiric:
In Progress
Status in “xulrunner-1.9.2” source package in Oneiric:
Invalid
Status in “ca-certificates” package in Debian:
Fix Released
Bug description:
NOTE: The Firefox update causes a regression for certain Dutch sites
which is being tracked in Bug #838322.
WORKAROUND (from blog post):
http://support.mozilla.com/en-US/kb/deleting-diginotar-ca-cert
-------------------------------------------------
http://blog.mozilla.com/security/2011/08/29/fraudulent-google-com-
certificate/
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/837557/+subscriptions
References