Bug 2993

Summary: Update Mozilla::CA to exclude compromised DigiNotar certificates
Product: Mageia Reporter: Frédéric "LpSolit" Buclin <LpSolit>
Component: SecurityAssignee: QA Team <qa-bugs>
Status: RESOLVED FIXED QA Contact:
Severity: critical    
Priority: High CC: davidwhodgins, dmorganec, jquelin, sysadmin-bugs
Version: 1Keywords: validated_update
Target Milestone: Mageia 1   
Hardware: i586   
OS: Linux   
Whiteboard:
Source RPM: perl-Mozilla-CA CVE:
Status comment:
Attachments: Script used to test perl-Mozilla-CA

Description Frédéric "LpSolit" Buclin 2011-10-08 19:12:31 CEST 
Please update perl-Mozilla-CA in Mageia 1 to version 20110914 to revoke compromised DigiNotar certificates. All browsers already excluded these certificates weeks ago.
Frédéric "LpSolit" Buclin 2011-10-08 19:12:49 CEST

Assignee: bugsquad => jquelin

Comment 1 Jerome Quelin 2011-10-09 10:17:10 CEST 
pushed to mga1 core/updates_testing
please validate & sync to core/updates

CC: (none) => jquelin
Assignee: jquelin => qa-bugs

Comment 2 Frédéric "LpSolit" Buclin 2011-10-09 14:20:11 CEST 
Looks good to me, on x86. I tested it via LWP::UserAgent and some websites using SSL.
Comment 3 Dave Hodgins 2011-10-09 14:32:14 CEST 
Created attachment 924 [details]
Script used to test perl-Mozilla-CA

Running the script should not show anything for the connection to paypal,
and should fail for the connection to diginotar.

Testing complete on i586 for the srpm
perl-Mozilla-CA-20110914.0.0-1.1.mga1.src.rpm
Comment 4 Dave Hodgins 2011-10-09 14:36:18 CEST 
Update validated.

Can someone from the sysadmin team push the srpm
perl-Mozilla-CA-20110914.0.0-1.1.mga1.src.rpm
from Core Updates Testing to Core Updates.

Advisory:  This update revokes the compromised DigiNotar certificates
for perl applications.

Keywords: (none) => validated_update
CC: (none) => davidwhodgins, sysadmin-bugs

Comment 5 D Morgan 2011-10-10 09:14:09 CEST 
update pushed.

Status: NEW => RESOLVED
CC: (none) => dmorganec
Resolution: (none) => FIXED