1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE.SEC

  • [SECURITY] [DSA 2599-1] nss security update

    From Thijs Kinkhorst@1:229/2 to All on Sun Jan 6 15:50:02 2013
    From: [email protected]

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-2599-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst January 06, 2013 http://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : nss
    Vulnerability : mis-issued intermediates
    Problem type : remote
    Debian-specific: no

    Google, Inc. discovered that the TurkTrust certification authority
    included in the Network Security Service libraries (nss) mis-issued
    two intermediate CA's which could be used to generate rogue end-entity certificates. This update explicitly distrusts those two intermediate
    CA's. The two existing TurkTrust root CA's remain active.

    For the stable distribution (squeeze), this problem has been fixed in
    version 3.12.8-1+squeeze6.

    For the testing distribution (wheezy), this problem has been fixed in
    version 2:3.13.6-2.

    For the unstable distribution (sid), this problem has been fixed in
    version 2:3.14.1.with.ckbi.1.93-1.

    We recommend that you upgrade your nss packages.

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: http://www.debian.org/security/

    Mailing list: [email protected]
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.4.12 (GNU/Linux)

    iQEcBAEBAgAGBQJQ6YrjAAoJEFb2GnlAHawEaXwH/AtwI3yLvEjagBZlixlFHT3K LHP6oMCA7k1nzZbVyAGzLZloWRQchsER6L2Y4DtW8aF3ZlzaH5iBgUTQCfbwyA30 25P1xBpY6AWaa51zY1BUGRJFibhTsTP4K5kv9RVpCt7uKSAfY9JOGh26BXcdsAjQ B2r+Ke62cAyCGhlKsF/ye8AJFV0Mw4b/kj8Mcu++xaKy+xvhe9d5qYrWSI0+5fOv OdB5Zmkb/mvX7RE8Fi3Nf+23wMaBUNHLqWUP3zgX7yw5S0HxNPSgXE1vlX3xBhiH azdsD8uPb1IPPgFwpYL4Pe/ahIdPZHNuR3C65aUsO/dC+RMcJQQnFkt+vQXecXU=
    =kAhN
    -----END PGP SIGNATURE-----


    --
    To UNSUBSCRIBE, email to [email protected]
    with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]

    --- SoupGate-Win32 v1.05
    * Origin: you cannot sedate... all the things you hate (1:229/2)