[<prev] [next>] [day] [month] [year] [list]
Message-Id: <E1NaenF-0005Mk-7e@titan.mandriva.com>
Date: Fri, 29 Jan 2010 01:33:00 +0100
From: security@...driva.com
To: full-disclosure@...ts.grok.org.uk
Subject: [ MDVSA-2010:029 ] rootcerts
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2010:029
http://www.mandriva.com/security/
_______________________________________________________________________
Package : rootcerts
Date : January 28, 2010
Affected: 2008.0, 2009.0, 2009.1, 2010.0, Enterprise Server 5.0
_______________________________________________________________________
Problem Description:
The rootcerts package was added in Mandriva in 2005 and was meant
to be updated when nessesary. The provided rootcerts packages has
been upgraded using the latest certdata.txt file from the mozilla
cvs repository, as of 2009/12/03.
In Mandriva a number of additional CA root certificates has been
added such as ICP-Brasil (Brazil government CA), cacert.org, IGC/A CA
(French government CA). The IGC/A CA one was recently added upstream
in the mozilla certdata.txt file.
The rootcerts package provides the /etc/pki/tls/certs/ca-bundle.crt
file which most sofwares in Mandriva, and where appliable is sharing
such as KDE, curl, pidgin, neon, and more.
The mozilla nss library has consequently been rebuilt to pickup these
changes and are also being provided.
_______________________________________________________________________
Updated Packages:
Mandriva Linux 2008.0:
77617570d2eda1766aff5a82c2883c26 2008.0/i586/libnss3-3.12.3.1-0.2mdv2008.0.i586.rpm
da74fbee3342af41d342a32b937bfe7d 2008.0/i586/libnss-devel-3.12.3.1-0.2mdv2008.0.i586.rpm
32202c0651f69165d2325dc9c39bc06a 2008.0/i586/libnss-static-devel-3.12.3.1-0.2mdv2008.0.i586.rpm
1b0ae620c3d563e1f03951758f614027 2008.0/i586/nss-3.12.3.1-0.2mdv2008.0.i586.rpm
20e77b8fb29288c13ecb25ca0f6fe2cd 2008.0/i586/rootcerts-20091203.03-1mdv2008.0.i586.rpm
65ce3a242de3a14e829c88085358a641 2008.0/SRPMS/nss-3.12.3.1-0.2mdv2008.0.src.rpm
c1d7251621ef13c9f78b162bda08d37e 2008.0/SRPMS/rootcerts-20091203.03-1mdv2008.0.src.rpm
Mandriva Linux 2008.0/X86_64:
353af4273a74e7b21904dce1dea2a1a4 2008.0/x86_64/lib64nss3-3.12.3.1-0.2mdv2008.0.x86_64.rpm
43ecc0055421158a207ce131f5488b5d 2008.0/x86_64/lib64nss-devel-3.12.3.1-0.2mdv2008.0.x86_64.rpm
737b56ed846f23a7a20e2822e8ba2a21 2008.0/x86_64/lib64nss-static-devel-3.12.3.1-0.2mdv2008.0.x86_64.rpm
80dfbc0d2167c0c16df79a05dc1a1384 2008.0/x86_64/nss-3.12.3.1-0.2mdv2008.0.x86_64.rpm
cd0b1a383371ac7dcbf0260374fc1901 2008.0/x86_64/rootcerts-20091203.03-1mdv2008.0.x86_64.rpm
65ce3a242de3a14e829c88085358a641 2008.0/SRPMS/nss-3.12.3.1-0.2mdv2008.0.src.rpm
c1d7251621ef13c9f78b162bda08d37e 2008.0/SRPMS/rootcerts-20091203.03-1mdv2008.0.src.rpm
Mandriva Linux 2009.0:
1e94aa0599120f7e4d604b7be48e5911 2009.0/i586/libnss3-3.12.3.1-0.2mdv2009.0.i586.rpm
58ea28567135ba81d6d82e43036d4274 2009.0/i586/libnss-devel-3.12.3.1-0.2mdv2009.0.i586.rpm
ecc24d0120505b155446b28364867534 2009.0/i586/libnss-static-devel-3.12.3.1-0.2mdv2009.0.i586.rpm
5ef9f82722cca755561754e47879e09a 2009.0/i586/nss-3.12.3.1-0.2mdv2009.0.i586.rpm
b75c1c97a18a146f03d2c04524598e83 2009.0/i586/rootcerts-20091203.03-1mdv2009.0.i586.rpm
0e332d2755961a60c1702a60387d35d3 2009.0/i586/rootcerts-java-20091203.03-1mdv2009.0.i586.rpm
fc075f989958667195179a5882167dd9 2009.0/SRPMS/nss-3.12.3.1-0.2mdv2009.0.src.rpm
8f9b1e0f69d86d972b5f16b92b2b1bc0 2009.0/SRPMS/rootcerts-20091203.03-1mdv2009.0.src.rpm
Mandriva Linux 2009.0/X86_64:
6ddc54ee62d4d03e0a51083e329b8703 2009.0/x86_64/lib64nss3-3.12.3.1-0.2mdv2009.0.x86_64.rpm
a3b62285d73e6b9e23512f5a0b346358 2009.0/x86_64/lib64nss-devel-3.12.3.1-0.2mdv2009.0.x86_64.rpm
65c73a0e41b4f03d4f9d34512a21ba07 2009.0/x86_64/lib64nss-static-devel-3.12.3.1-0.2mdv2009.0.x86_64.rpm
71996a2074b4959b0eff64c1f14981d9 2009.0/x86_64/nss-3.12.3.1-0.2mdv2009.0.x86_64.rpm
ceda5ad8bc181b9e672c921a34df52e3 2009.0/x86_64/rootcerts-20091203.03-1mdv2009.0.x86_64.rpm
7faaa66a758545307151cc51c6cab30a 2009.0/x86_64/rootcerts-java-20091203.03-1mdv2009.0.x86_64.rpm
fc075f989958667195179a5882167dd9 2009.0/SRPMS/nss-3.12.3.1-0.2mdv2009.0.src.rpm
8f9b1e0f69d86d972b5f16b92b2b1bc0 2009.0/SRPMS/rootcerts-20091203.03-1mdv2009.0.src.rpm
Mandriva Linux 2009.1:
8c0a0d1549169c6e14c159d33aeda839 2009.1/i586/libnss3-3.12.3.1-0.2mdv2009.1.i586.rpm
4db5f222d5423aeecbcfe25b828678ee 2009.1/i586/libnss-devel-3.12.3.1-0.2mdv2009.1.i586.rpm
de57888da6ba4d1445477d52d2d86545 2009.1/i586/libnss-static-devel-3.12.3.1-0.2mdv2009.1.i586.rpm
ccc01b2d0e564c9bfe57bcd487582c5e 2009.1/i586/nss-3.12.3.1-0.2mdv2009.1.i586.rpm
44815c4ed44c6a4b85a6474430bcf299 2009.1/i586/rootcerts-20091203.03-1mdv2009.1.i586.rpm
eff41ebdbc2ed78ab3e1d8ecdb28dde7 2009.1/i586/rootcerts-java-20091203.03-1mdv2009.1.i586.rpm
d63d1854b352d16fa500ceb195d8fd83 2009.1/SRPMS/nss-3.12.3.1-0.2mdv2009.1.src.rpm
7e86ddc3851ebb032eec281b98dac240 2009.1/SRPMS/rootcerts-20091203.03-1mdv2009.1.src.rpm
Mandriva Linux 2009.1/X86_64:
121cee368a55953da58c58ff8d1fbfcd 2009.1/x86_64/lib64nss3-3.12.3.1-0.2mdv2009.1.x86_64.rpm
ab66fd19434fcf0a4098240471323582 2009.1/x86_64/lib64nss-devel-3.12.3.1-0.2mdv2009.1.x86_64.rpm
43a9bb09aa3d3eff3e0a8ea9e7ff5045 2009.1/x86_64/lib64nss-static-devel-3.12.3.1-0.2mdv2009.1.x86_64.rpm
5d16a70f0d85576969b5118610e9b7fe 2009.1/x86_64/nss-3.12.3.1-0.2mdv2009.1.x86_64.rpm
e0c54141b4f9e92e7aee7ee9211d6451 2009.1/x86_64/rootcerts-20091203.03-1mdv2009.1.x86_64.rpm
7a133803654ee04dc00271d56332ecd9 2009.1/x86_64/rootcerts-java-20091203.03-1mdv2009.1.x86_64.rpm
d63d1854b352d16fa500ceb195d8fd83 2009.1/SRPMS/nss-3.12.3.1-0.2mdv2009.1.src.rpm
7e86ddc3851ebb032eec281b98dac240 2009.1/SRPMS/rootcerts-20091203.03-1mdv2009.1.src.rpm
Mandriva Linux 2010.0:
ae0225feacd3742d55b5ae163e72766b 2010.0/i586/libnss3-3.12.4-2.1mdv2010.0.i586.rpm
cc4c92ff4a4931b445ba5ccb82b6c768 2010.0/i586/libnss-devel-3.12.4-2.1mdv2010.0.i586.rpm
77c17d231648d3680bf372ab263409a7 2010.0/i586/libnss-static-devel-3.12.4-2.1mdv2010.0.i586.rpm
1a28a4367df88ff3be0446a21e465aca 2010.0/i586/nss-3.12.4-2.1mdv2010.0.i586.rpm
7e8ccc9625637f1a7cb2ee61616bccd1 2010.0/i586/rootcerts-20091203.03-1mdv2010.0.i586.rpm
19e8c622cd01142bed4b0a57ffe4bb5f 2010.0/i586/rootcerts-java-20091203.03-1mdv2010.0.i586.rpm
ae48e0a5ab9388e24ae69364f7632bca 2010.0/SRPMS/nss-3.12.4-2.1mdv2010.0.src.rpm
697faf2305877bcdff145927f2dabfb6 2010.0/SRPMS/rootcerts-20091203.03-1mdv2010.0.src.rpm
Mandriva Linux 2010.0/X86_64:
50d4d8b5b6ed86fd158146f513b6bfd9 2010.0/x86_64/lib64nss3-3.12.4-2.1mdv2010.0.x86_64.rpm
43ba5e7c5da89cf852212c9fdb8d6b15 2010.0/x86_64/lib64nss-devel-3.12.4-2.1mdv2010.0.x86_64.rpm
cc23fee6478f5ecf4e6b7039c0ba71b5 2010.0/x86_64/lib64nss-static-devel-3.12.4-2.1mdv2010.0.x86_64.rpm
4de292e3f0120aa4ad2501cc596e552a 2010.0/x86_64/nss-3.12.4-2.1mdv2010.0.x86_64.rpm
ee6b8d19c06c3eb2f8788da2db7edddf 2010.0/x86_64/rootcerts-20091203.03-1mdv2010.0.x86_64.rpm
4fb436a141aaa73d1127deed6a035a31 2010.0/x86_64/rootcerts-java-20091203.03-1mdv2010.0.x86_64.rpm
ae48e0a5ab9388e24ae69364f7632bca 2010.0/SRPMS/nss-3.12.4-2.1mdv2010.0.src.rpm
697faf2305877bcdff145927f2dabfb6 2010.0/SRPMS/rootcerts-20091203.03-1mdv2010.0.src.rpm
Mandriva Enterprise Server 5:
9e3c0256390bbac56702a52372b273a8 mes5/i586/libnss3-3.12.3.1-0.2mdvmes5.i586.rpm
617d879d968da482f23bd801820fbffa mes5/i586/libnss-devel-3.12.3.1-0.2mdvmes5.i586.rpm
bff91ae01a5792c95dff87bf7f87ce89 mes5/i586/libnss-static-devel-3.12.3.1-0.2mdvmes5.i586.rpm
6dafb65324f41f5a2ec1902d4ff04b49 mes5/i586/nss-3.12.3.1-0.2mdvmes5.i586.rpm
904ac265c92760cd9d15080dd95492ec mes5/i586/rootcerts-20091203.03-1mdvmes5.i586.rpm
89c07fff652242de2ce576d34eb1e18f mes5/i586/rootcerts-java-20091203.03-1mdvmes5.i586.rpm
78b7e60062171bf18387e073836f5e4f mes5/SRPMS/nss-3.12.3.1-0.2mdvmes5.src.rpm
70cd6b9f7ab935b99a39fc3dfc736282 mes5/SRPMS/rootcerts-20091203.03-1mdvmes5.src.rpm
Mandriva Enterprise Server 5/X86_64:
5424ae0f7ad6c6f38316699b3f788e3a mes5/x86_64/lib64nss3-3.12.3.1-0.2mdvmes5.x86_64.rpm
f3054b9907dc3d048b42b8c8a5ac9f37 mes5/x86_64/lib64nss-devel-3.12.3.1-0.2mdvmes5.x86_64.rpm
70d39b44d6c2a2892117c882c6d27e15 mes5/x86_64/lib64nss-static-devel-3.12.3.1-0.2mdvmes5.x86_64.rpm
d37a25789508d6b35e5d26eda998e47e mes5/x86_64/nss-3.12.3.1-0.2mdvmes5.x86_64.rpm
a90afa1beba9bcbb38ba4bb1a7854145 mes5/x86_64/rootcerts-20091203.03-1mdvmes5.x86_64.rpm
e802a464f7000a3bcd37df0ab35b1b22 mes5/x86_64/rootcerts-java-20091203.03-1mdvmes5.x86_64.rpm
78b7e60062171bf18387e073836f5e4f mes5/SRPMS/nss-3.12.3.1-0.2mdvmes5.src.rpm
70cd6b9f7ab935b99a39fc3dfc736282 mes5/SRPMS/rootcerts-20091203.03-1mdvmes5.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFLYf2xmqjQ0CJFipgRAvUFAKDvpCsZlGJM25Q1x0G1T3A2CHnJlQCfc0q1
Hsd/ode/lSdsS2FRnVodrYM=
=cwM6
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists