[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#639744: Compromised certificates for *.google.com issued by DigiNotar Root CA

On Tuesday 06 September 2011 08:19:27 Mike Hommey wrote:
> On Tue, Sep 06, 2011 at 03:03:27PM +0200, Giuseppe Iuculano wrote:
> > On 09/04/2011 09:20 PM, Raphael Geissert wrote:
> > > Giuseppe, do you already have plans for updating chromium? (more info
> > > on the CCed bug.)
> > 
> > chromium uses libnss, please explain, what kind of update chromium
> > needs? did I miss something?
> 
> You missed the part where chromium uses libpkix (despite mozilla
> saying it's not ready), and the libpkix path doesn't reject the certs
> chaining to the Explicitly Disabled CAs.

Giuseppe, in case you missed it: according to [1] "Chromium needs an update to 
.220"

[1]http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=639744#203

Cheers,
-- 
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
Reply to: