Bug#742594: Former included certificate was removed for no reason
Klaus Ethgen
Klaus at Ethgen.de
Tue Mar 25 09:55:18 UTC 2014
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Package: libnss3
Version: 2:3.16-1
Severity: important
The former included certificate of cacert is removed with this version
for no real reason.
That leads in security problems as it is now not possible anymore for a
common user to check the validity of certificates issued by cacert.
Moreover, it makes the package mostly unusefull as cacert is one of the
only -- if not the only -- certificate issuers that is at least a bit
trustable.
- -- System Information:
Debian Release: jessie/sid
APT prefers unstable
APT policy: (800, 'unstable'), (600, 'oldstable'), (110, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 3.13.2 (SMP w/8 CPU cores; PREEMPT)
Locale: LANG=de_DE, LC_CTYPE=de_DE (charmap=ISO-8859-1) (ignored: LC_ALL set to de_DE)
Shell: /bin/sh linked to /bin/dash
- --
Klaus Ethgen http://www.ethgen.ch/
pub 4096R/4E20AF1C 2011-05-16 Klaus Ethgen <Klaus at Ethgen.de>
Fingerprint: 85D4 CA42 952C 949B 1753 62B3 79D0 B06F 4E20 AF1C
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQGcBAEBCgAGBQJTMVKDAAoJEKZ8CrGAGfas4rUMAJ1FK+5ulOdM2vNZn9sf+tFB
Xn0IbawNaKVV3qHvnFQKFIJu5DSf7rkadvWM3YjOnIwWzzg91OM6WwUnD+ysIj5b
KMdmcr6VX1SuOZ+6HtYG/ZzwbMkvcJEEHu2oamCwVuoKrEruccnN2ATDNNOjgcRE
1wOqUbuVQKusmBYwzRuDxU5umr1ORmIHz3+gYotGBkJ4Nxxt5/kqXxM5dM8PIhqY
eNqxy8Wd3JdNYWJ8fdjyqm9bHAJONYz8zQTLo9G0CuM9cU8jnOiZ1RdivUiKcArH
Vd+pnGlzqsZylyIFrw9NK1AfZlZJTCrbDBilYFCY+HetOZOusRGezDpeuxz9jjFP
r6Koh7lmtyFlAupa/GX+lUibzxLl35BLVsg6bv+AeL0K2HTjk6QZIMQtgA2PKscN
618Y+kQc2tyuvIDlM1LJJJ8VCsOhEp30aebWvpagGXZ/cp+il6m4HwPOZLO+lJV6
xkJHSWud8fNam8gPkE9mgg3f4w+V7EJzynoAKiewRA==
=8yom
-----END PGP SIGNATURE-----
More information about the pkg-mozilla-maintainers
mailing list