desktop-packages team mailing list archive
-
desktop-packages team
-
Mailing list archive
-
Message #10817
[Bug 837557] Re: fraudulent DigiNotar certificate issuance
This bug was fixed in the package thunderbird - 7.0~b2+build2+nobinonly-
0ubuntu1
---------------
thunderbird (7.0~b2+build2+nobinonly-0ubuntu1) oneiric; urgency=low
* New upstream release from the beta channel (THUNDERBIRD_7_0b2_BUILD2)
- LP: #837557 and LP: #838322
* Update globalmenu-extension to 2.0
- Only update a menu in realtime if it's parent is opening. For all other
times, just invalidate the menu. Avoids spamming dbus everytime
something changes in the menu
- When removing a menuitem from its parent, check that the index is
in-bounds. Should fix a frequent crash on startup, although it doesn't
explain how it gets in to that state in the first place
- Add the ability to turn on debugging without building Firefox with
debugging on
* Add upstream patch to only add ENABLE_JIT=1 to CXXFLAGS if any of trace/
method/yarr jit is enabled. Fixes a build failure on PPC
- add debian/patches/only-add-ENABLE_JIT-to-CXXFLAGS-if-jit-is-enabled.patch
- update debian/patches/series
* Add upstream patch to fix build failure with ENABLE_YARR_JIT=0
- add debian/patches/build-fix-for-no-ENABLE_YARR_JIT.patch
- update debian/patches/series
* Add upstream patch to work around a linker bug
- add debian/patches/compile-pldhash-as-C++.patch
- update debian/patches/series
* Don't pass an empty --mozilla-repo= argument to client.py when creating
the source tarball without a local cache, as it totally breaks. This is
why we've got rid of all this in nightly and aurora, so we can avoid
such bandaids in the first place
- update debian/mozclient/thunderbird.conf
* Messagingmenu fixes:
- Use the libunity5 ABI (LP: #839154)
- Don't use QueryInterface on objects where we can't guarantee they
implement a particular interface (LP: #826447)
* Make sure that thunderbird-gnome-support actually depends on libunity5
- update debian/rules
* Update eds extension to r84 from 0.3 branch
- fixes a shutdown crash
* Use the latest eds libs for the contacts integration
-- Chris Coulson <chris.coulson@xxxxxxxxxxxxx> Tue, 06 Sep 2011 00:19:41 +0100
** Changed in: thunderbird (Ubuntu Oneiric)
Status: In Progress => Fix Released
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to thunderbird in Ubuntu.
https://bugs.launchpad.net/bugs/837557
Title:
fraudulent DigiNotar certificate issuance
Status in “ca-certificates” package in Ubuntu:
Fix Released
Status in “chromium-browser” package in Ubuntu:
Confirmed
Status in “firefox” package in Ubuntu:
Fix Released
Status in “nss” package in Ubuntu:
Confirmed
Status in “qt4-x11” package in Ubuntu:
Invalid
Status in “seamonkey” package in Ubuntu:
Confirmed
Status in “thunderbird” package in Ubuntu:
Fix Released
Status in “xulrunner-1.9.2” package in Ubuntu:
Invalid
Status in “ca-certificates” source package in Lucid:
Fix Committed
Status in “chromium-browser” source package in Lucid:
Confirmed
Status in “firefox” source package in Lucid:
Fix Released
Status in “nss” source package in Lucid:
In Progress
Status in “qt4-x11” source package in Lucid:
Confirmed
Status in “seamonkey” source package in Lucid:
Confirmed
Status in “thunderbird” source package in Lucid:
Fix Released
Status in “xulrunner-1.9.2” source package in Lucid:
Fix Released
Status in “ca-certificates” source package in Maverick:
Fix Committed
Status in “chromium-browser” source package in Maverick:
Confirmed
Status in “firefox” source package in Maverick:
Fix Released
Status in “nss” source package in Maverick:
In Progress
Status in “qt4-x11” source package in Maverick:
Invalid
Status in “seamonkey” source package in Maverick:
Confirmed
Status in “thunderbird” source package in Maverick:
Fix Released
Status in “xulrunner-1.9.2” source package in Maverick:
Fix Released
Status in “ca-certificates” source package in Natty:
Fix Committed
Status in “chromium-browser” source package in Natty:
Confirmed
Status in “firefox” source package in Natty:
Fix Released
Status in “nss” source package in Natty:
In Progress
Status in “qt4-x11” source package in Natty:
Invalid
Status in “seamonkey” source package in Natty:
Confirmed
Status in “thunderbird” source package in Natty:
Fix Released
Status in “xulrunner-1.9.2” source package in Natty:
Triaged
Status in “ca-certificates” source package in Oneiric:
Fix Released
Status in “chromium-browser” source package in Oneiric:
Confirmed
Status in “firefox” source package in Oneiric:
Fix Released
Status in “nss” source package in Oneiric:
Confirmed
Status in “qt4-x11” source package in Oneiric:
Invalid
Status in “seamonkey” source package in Oneiric:
Confirmed
Status in “thunderbird” source package in Oneiric:
Fix Released
Status in “xulrunner-1.9.2” source package in Oneiric:
Invalid
Status in “ca-certificates” package in Debian:
Fix Released
Bug description:
NOTE: The Firefox update causes a regression for certain Dutch sites which is being tracked in Bug #838322.
NOTE #2: The current update for Thunderbird still shows the DigiNotar Root CA as trusted in the certificate manager. This is due to Thunderbird using the system version of NSS. In this initial update, Thunderbird will actively distrust any certificate signed by the DigiNotar Root CA. Future updates will properly show the root CA as distrusted in the certificate manager.
WORKAROUND (from blog post):
http://support.mozilla.com/en-US/kb/deleting-diginotar-ca-cert
-------------------------------------------------
http://blog.mozilla.com/security/2011/08/29/fraudulent-google-com-
certificate/
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/837557/+subscriptions
References
