touch-packages team mailing list archive

[Launchpad Bug Tracker <1469803@xxxxxxxxxxxxxxxxxx>]

This bug was fixed in the package ca-certificates - 20150426ubuntu1

---------------
ca-certificates (20150426ubuntu1) wily; urgency=medium

  * mozilla-1024/*, Makefile: Since version 20140927 of the ca-certificates
    package, containing the 2.1 version of the nss database, CA
    certificates with 1024-bit RSA keys have been removed. Unfortunately,
    older versions of libraries such as OpenSSL, GnuTLS and glib-networking
    are unable to automatically find alternative trust chains to continue
    connecting to certain sites. This update restores the certificates
    until all libraries have been updated to properly handle alternative
    trust chains. See mozilla-1024/certdata.txt for a list of the exact
    certificates that were added back. (LP: #1469803)

 -- Marc Deslauriers <marc.deslauriers@xxxxxxxxxx>  Mon, 13 Jul 2015
11:10:03 -0400

** Changed in: ca-certificates (Ubuntu)
       Status: New => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to ca-certificates in Ubuntu.
https://bugs.launchpad.net/bugs/1469803

Title:
  Connecting to some sites via glib-networking is broken due to removed
  certificates

Status in ca-certificates package in Ubuntu:
  Fix Released

Bug description:
  See

    https://bugzilla.redhat.com/show_bug.cgi?id=1166614 and
    https://rt.openssl.org/Ticket/Display.html?id=3621&user=guest&pass=guest

  - this situation still exists in the wild (e.g. Facebook's CDN), but
  our ca-certificates package has dropped these certs, as of 20150426.

  For example run the attached script on wily or try to use Facebook in
  epiphany.

  Fedora have kept some of these certificates and called them "legacy" -
  I suggest that we could do the same, at least until glib-networking is
  fixed.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/1469803/+subscriptions