[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#639744: Compromised certificates for *.google.com issued by DigiNotar Root CA

On Sun, Sep 04, 2011 at 01:37:19AM -0500, Raphael Geissert wrote:
> On Saturday 03 September 2011 01:45:22 Mike Hommey wrote:
> > Looking at the patches, this really is:
> [...]
> 
> Ok, with the patches we got NSS covered, but we still need to do something for 
> other users.
> 
> A first look at stuff we ship, this seems to be their current status:
> * NSS:
> ice* packages should be okay after the latest NSS update.
> 
> * OpenSSL
> Nothing special here
> 
> * GnuTLS
> Nothing special here
> 
> * chromium:
> Even after the NSS update, it seems to be happy to use the Explicitly 
> Distrusted certs.

Note that this suggests others NSS using applications may be affected
too, if they don't do the appropriate thing for untrusted certs.
I know at least pidgin and evolution use NSS.

Mike
Reply to: