** Changed in: ca-certificates (Debian)
Status: New => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to ca-certificates in Ubuntu.
https://bugs.launchpad.net/bugs/1551615
Title:
Alternative chain verification failure after 1024b root CAs removal
Status in ca-certificates package in Ubuntu:
Invalid
Status in ca-certificates package in Debian:
Fix Released
Bug description:
There is now the same problem on Ubuntu 14.04 as there is currently on
Debian 7.
See:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=812708
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=812488
Gist:
Openssl 1.0.1f can not verify certificates that have an alternative chain
without both root certificates present. The update 20160104ubuntu0.14.04.1
removes 1024bit certificates that are used within those chains.
Please don't push this update to vivid too!
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/1551615/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
