desktop-packages team mailing list archive

Thread
Date

[Bug 741729] Re: Blacklist fraudulent UTN-USERFirst-Hardware certificates

To: desktop-packages@xxxxxxxxxxxxxxxxxxx
From: Jamie Strandboge <jamie@xxxxxxxxxx>
Date: Tue, 13 Dec 2011 17:31:45 -0000
Reply-to: Bug 741729 <741729@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

** Changed in: firefox (Ubuntu Lucid)
       Status: New => Triaged

** Changed in: firefox (Ubuntu Lucid)
     Assignee: (unassigned) => Micah Gersten (micahg)

** Changed in: firefox (Ubuntu Maverick)
       Status: New => Triaged

** Changed in: firefox (Ubuntu Maverick)
     Assignee: (unassigned) => Micah Gersten (micahg)

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to firefox in Ubuntu.
https://bugs.launchpad.net/bugs/741729

Title:
  Blacklist fraudulent UTN-USERFirst-Hardware certificates

Status in Common CA certificates:
  New
Status in “ca-certificates” package in Ubuntu:
  Won't Fix
Status in “firefox” package in Ubuntu:
  Fix Released
Status in “nss” package in Ubuntu:
  Fix Released
Status in “qt4-x11” package in Ubuntu:
  Invalid
Status in “ca-certificates” source package in Lucid:
  Won't Fix
Status in “firefox” source package in Lucid:
  Triaged
Status in “nss” source package in Lucid:
  Fix Released
Status in “qt4-x11” source package in Lucid:
  Invalid
Status in “ca-certificates” source package in Maverick:
  Won't Fix
Status in “firefox” source package in Maverick:
  Triaged
Status in “nss” source package in Maverick:
  Fix Released
Status in “qt4-x11” source package in Maverick:
  Invalid
Status in “ca-certificates” source package in Natty:
  Won't Fix
Status in “firefox” source package in Natty:
  Fix Released
Status in “nss” source package in Natty:
  Fix Released
Status in “qt4-x11” source package in Natty:
  Invalid
Status in “ca-certificates” source package in Hardy:
  Won't Fix
Status in “firefox” source package in Hardy:
  Invalid
Status in “nss” source package in Hardy:
  Fix Released
Status in “qt4-x11” source package in Hardy:
  Invalid
Status in “ca-certificates” source package in Karmic:
  Won't Fix
Status in “firefox” source package in Karmic:
  Won't Fix
Status in “nss” source package in Karmic:
  Fix Released
Status in “qt4-x11” source package in Karmic:
  Invalid
Status in “ca-certificates” package in Debian:
  New

Bug description:
  Binary package hint: firefox

  Blacklist fraudulent UTN-USERFirst-Hardware certificates

  http://blog.mozilla.com/security/2011/03/22/firefox-blocking-fraudulent-certificates/
  https://blog.torproject.org/blog/detecting-certificate-authority-compromises-and-web-browser-collusion
  Fixed upstream in 3.6.16 and 4.0

  for nss:
  http://groups.google.com/group/mozilla.dev.tech.crypto/browse_thread/thread/de5774217cc33669#

  Other packages are affected as well, e.g. ca-certificates, openssl, kdelibs, qt-x11, Java...?
  and everything that depends on those: epiphany, konqueror, rekonq, wget, curl...

To manage notifications about this bug go to:
https://bugs.launchpad.net/ca-certificates/+bug/741729/+subscriptions