Bug#639744: marked as done (Compromised certificates for *.google.com issued by DigiNotar Root CA)
Your message dated Wed, 21 Sep 2011 19:54:57 +0000
with message-id <E1R6Ssj-0003r8-JJ@franck.debian.org>
and subject line Bug#639744: fixed in ca-certificates 20090814+nmu3squeeze1
has caused the Debian Bug report #639744,
regarding Compromised certificates for *.google.com issued by DigiNotar Root CA
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)
--
639744: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=639744
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: Compromised certificates for *.google.com issued by DigiNotar Root CA
- From: Josh Triplett <josh@joshtriplett.org>
- Date: Mon, 29 Aug 2011 14:03:57 -0700
- Message-id: <20110829210357.26233.13731.reportbug@leaf>
Package: ca-certificates
Version: 20110502
Severity: critical
Tags: security
Please see the following:
https://bugzilla.mozilla.org/show_bug.cgi?id=682956
http://pastebin.com/ff7Yg663
http://pastebin.com/SwCZqskV
(or just search current news for "DigiNotar", optionally in conjunction
with "gmail" or "google".)
Whatever resolution Mozilla and others end up with (revocation of the
certificate or of the entire CA), ca-certificates will likely need to
do the same.
- Josh Triplett
--- End Message ---
--- Begin Message ---
- To: 639744-close@bugs.debian.org
- Subject: Bug#639744: fixed in ca-certificates 20090814+nmu3squeeze1
- From: Thijs Kinkhorst <thijs@debian.org>
- Date: Wed, 21 Sep 2011 19:54:57 +0000
- Message-id: <E1R6Ssj-0003r8-JJ@franck.debian.org>
Source: ca-certificates
Source-Version: 20090814+nmu3squeeze1
We believe that the bug you reported is fixed in the latest version of
ca-certificates, which is due to be installed in the Debian FTP archive:
ca-certificates_20090814+nmu3squeeze1.dsc
to main/c/ca-certificates/ca-certificates_20090814+nmu3squeeze1.dsc
ca-certificates_20090814+nmu3squeeze1.tar.gz
to main/c/ca-certificates/ca-certificates_20090814+nmu3squeeze1.tar.gz
ca-certificates_20090814+nmu3squeeze1_all.deb
to main/c/ca-certificates/ca-certificates_20090814+nmu3squeeze1_all.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 639744@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Thijs Kinkhorst <thijs@debian.org> (supplier of updated ca-certificates package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Tue, 13 Sep 2011 11:29:21 +0200
Source: ca-certificates
Binary: ca-certificates
Architecture: source all
Version: 20090814+nmu3squeeze1
Distribution: stable
Urgency: high
Maintainer: Philipp Kern <pkern@debian.org>
Changed-By: Thijs Kinkhorst <thijs@debian.org>
Description:
ca-certificates - Common CA certificates
Closes: 639744
Changes:
ca-certificates (20090814+nmu3squeeze1) stable; urgency=low
.
* Non-maintainer upload.
* No-change upload with incremented version number to avoid a
version number conflict with '20090814+nmu3'.
.
ca-certificates (20090814+nmu3) squeeze-security; urgency=high
.
* Non-maintainer upload by the Security Team.
* Blacklist "DigiNotar Root CA" (Closes: #639744)
Checksums-Sha1:
3d49bf76750ee23229656ba6bead8438a859a048 1135 ca-certificates_20090814+nmu3squeeze1.dsc
2e4358d624f70f54b3dd0844fcf171adeff02bc9 232277 ca-certificates_20090814+nmu3squeeze1.tar.gz
c7c19a37af0115db56f7d072ef9c3bc0202e93f3 145802 ca-certificates_20090814+nmu3squeeze1_all.deb
Checksums-Sha256:
d65e67e5e5bad13279665d656c52cf6cccb0d9bf99ee8de787bd1ebffde8a070 1135 ca-certificates_20090814+nmu3squeeze1.dsc
5a270de67e7cad18803752d70cc36ae5611542e9f5ab3633b9653b511dca8352 232277 ca-certificates_20090814+nmu3squeeze1.tar.gz
68cfa6f7a2ff0c87e581c320582a9daff892fe9090c56b2913ce7e2630fdad2d 145802 ca-certificates_20090814+nmu3squeeze1_all.deb
Files:
8b3166a5e791a29943f3990f4452cdb1 1135 misc optional ca-certificates_20090814+nmu3squeeze1.dsc
86a87ab838847d359b5eab3189ef310a 232277 misc optional ca-certificates_20090814+nmu3squeeze1.tar.gz
3500fc12353cd5e487334e12db4d89a5 145802 misc optional ca-certificates_20090814+nmu3squeeze1_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iQEcBAEBAgAGBQJOeZUIAAoJEOxfUAG2iX57BdkH+gIR+6I7dFaz7upo20jNzto1
lpYL1nDCrRXN1kTMWMg4Vv4NV0qPJGQB5hooIsuVFOt3r4i1nbuH51G+YR6xnI2Q
J3GkHj3ob4P1DWEDyhEWRMon3qcYlD2nd6pkWafCGvHJ/t09v+XMqIC/da4dMGQg
u3SkkMTBjrJ+FPuzG3WD9vk4GAtaSOx43kLzVjDPA4aM5bYJEVg3n+Je1+totsMD
ll663Fw/wyPgadXsx4w/Ok6Hijxw+yLLUx6j8phkqiiGIgUfg3M4RezEydILO7n9
Apxk+0ppsQkj4k8FBgbYQz5oEtG1Q8/OsMkwRhxN8g0TgU5MZvvwDuGWnnZjIac=
=cpKW
-----END PGP SIGNATURE-----
--- End Message ---
Reply to: