[Bug 1258286] Re: CAcert should not be trusted by default

Launchpad Bug Tracker Wed, 02 Apr 2014 10:26:34 -0700

This bug was fixed in the package nss - 3.15.4-0ubuntu0.12.04.2

---------------
nss (3.15.4-0ubuntu0.12.04.2) precise-security; urgency=medium


  * SECURITY UPDATE: incorrect IDNA wildcard handling
    - debian/patches/CVE-2014-1492.patch: conform to RFC 6125 in
      nss/lib/certdb/certdb.c.
    - CVE-2014-1492
  * No longer ship cacert.org certificates. (LP: #1258286)
    - removed debian/patches/95_add_spi+cacert_ca_certs.patch
    - added debian/patches/95_add_spi_certs.patch
 -- Marc Deslauriers <marc.deslauri...@ubuntu.com>   Wed, 02 Apr 2014 10:22:10 
-0400

** Changed in: nss (Ubuntu Precise)
       Status: New => Fix Released

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-1492

** Changed in: nss (Ubuntu Quantal)
       Status: New => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1258286

Title:
  CAcert should not be trusted by default

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/1258286/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1258286] Re: CAcert should not be trusted by default

Reply via email to