← Back to team overview

desktop-packages team mailing list archive

[Bug 837557] Re: fraudulent DigiNotar certificate issuance

 

** Branch unlinked: lp:~mozillateam/firefox/firefox.head

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to thunderbird in Ubuntu.
https://bugs.launchpad.net/bugs/837557

Title:
  fraudulent DigiNotar certificate issuance

Status in ca-certificates package in Ubuntu:
  Fix Released
Status in chromium-browser package in Ubuntu:
  Fix Released
Status in firefox package in Ubuntu:
  Fix Released
Status in nss package in Ubuntu:
  Fix Released
Status in qt4-x11 package in Ubuntu:
  Fix Released
Status in seamonkey package in Ubuntu:
  Confirmed
Status in thunderbird package in Ubuntu:
  Fix Released
Status in xulrunner-1.9.2 package in Ubuntu:
  Invalid
Status in ca-certificates source package in Lucid:
  Fix Released
Status in chromium-browser source package in Lucid:
  Fix Released
Status in firefox source package in Lucid:
  Fix Released
Status in nss source package in Lucid:
  Fix Released
Status in qt4-x11 source package in Lucid:
  Fix Released
Status in seamonkey source package in Lucid:
  Won't Fix
Status in thunderbird source package in Lucid:
  Fix Released
Status in xulrunner-1.9.2 source package in Lucid:
  Fix Released
Status in ca-certificates source package in Maverick:
  Fix Released
Status in chromium-browser source package in Maverick:
  Fix Released
Status in firefox source package in Maverick:
  Fix Released
Status in nss source package in Maverick:
  Fix Released
Status in qt4-x11 source package in Maverick:
  Fix Released
Status in seamonkey source package in Maverick:
  Won't Fix
Status in thunderbird source package in Maverick:
  Fix Released
Status in xulrunner-1.9.2 source package in Maverick:
  Fix Released
Status in ca-certificates source package in Natty:
  Fix Released
Status in chromium-browser source package in Natty:
  Fix Released
Status in firefox source package in Natty:
  Fix Released
Status in nss source package in Natty:
  Fix Released
Status in qt4-x11 source package in Natty:
  Fix Released
Status in seamonkey source package in Natty:
  Won't Fix
Status in thunderbird source package in Natty:
  Fix Released
Status in xulrunner-1.9.2 source package in Natty:
  Fix Released
Status in ca-certificates source package in Oneiric:
  Fix Released
Status in chromium-browser source package in Oneiric:
  Fix Released
Status in firefox source package in Oneiric:
  Fix Released
Status in nss source package in Oneiric:
  Fix Released
Status in qt4-x11 source package in Oneiric:
  Fix Released
Status in seamonkey source package in Oneiric:
  Won't Fix
Status in thunderbird source package in Oneiric:
  Fix Released
Status in xulrunner-1.9.2 source package in Oneiric:
  Invalid
Status in ca-certificates package in Debian:
  Fix Released

Bug description:
  USN Information: This is being tracked in USN-1197-*

  NOTE: The Firefox update causes a regression for certain Dutch sites which is being tracked in Bug #838322.
  NOTE #2: The current update for Thunderbird still shows the DigiNotar Root CA as trusted in the certificate manager.  This is due to Thunderbird using the system version of NSS. In this initial update, Thunderbird will actively distrust any certificate signed by the DigiNotar Root CA.  Future updates will properly show the root CA as distrusted in the certificate manager.

  WORKAROUND (from blog post):
  http://support.mozilla.com/en-US/kb/deleting-diginotar-ca-cert

  -------------------------------------------------

  http://blog.mozilla.com/security/2011/08/29/fraudulent-google-com-
  certificate/

  Qt 4.7 blog post: http://labs.qt.nokia.com/2011/09/07/what-the-
  diginotar-security-breach-means-for-qt-users-continued/

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/837557/+subscriptions


References