 Relationships |
|
| Anonymous | Login | 2024-04-25 18:09 CEST |
| Main | My View | View Issues |
| Viewing Issue Simple Details [ Jump to Notes ] | [ View Advanced ] [ Issue History ] [ Print ] | ||||||
| ID | Category | Severity | Reproducibility | Date Submitted | Last Update | ||
| 0004822 | [openssl] packaging | major | N/A | 2011-09-14 13:47 | 2012-04-21 01:06 | ||
| Reporter | bwalton | View Status | public | ||||
| Assigned To | yann | ||||||
| Priority | normal | Resolution | fixed | ||||
| Status | closed | ||||||
| Summary | 0004822: CA Compromise | ||||||
| Description | If we are distributing the certificates for DigiNotar, it might be wise to unpackage it as they've been compromised quite badly. | ||||||
| Additional Information | http://www.net-security.org/secworld.php?id=11565 [^] | ||||||
| Tags | No tags attached. | ||||||
| Attached Files | |||||||
|
|
|||||||
|
Relationships |
|
|
Notes |
|
|
(0009282) yann (manager) 2011-09-19 22:35 |
We do not distribute CA in the openssl package but in the ca_certificates package, however I think it's wise to do as Debian and blacklist the DigiNotar CA in openssl itself so I am currently rebuilding openssl with some code borrowed from a Debian patch to blacklist DigiNotar whatever the CA configured with openssl. |
|
(0009578) yann (manager) 2012-02-05 10:32 |
The CA has been removed from the CA certificate package and openssl has been patched to blacklist this certificate. I am closing this bug. |
| Copyright © 2000 - 2008 Mantis Group |  |
