In the newest Mandriva 2010.2 security update for the Mozilla apps, rootcerts was updated to the newest version. We need to update it accordingly so that upgrading from MDV 2010.2 still works correctly. It's possible that there are security implications with this update as well, I'm just not sure. Also, the "nss" package apparently needs to be rebuilt whenever rootcerts is updated, so it will need a rebuild. The version on the MDV rootcerts package is rootcerts-20120218.00-1mdv2010.2, so ours needs to be at least rootcerts-20120218.00-1.mga1. IIRC, this package needs to be updated in Cauldron as well.
Just an additional note, the timezone package is typically updated when rootcerts is, and although it wasn't updated in this MDV update, there is a newer version of that available, so now would be a good time to update it as well.
Here's a link to the Mandriva advisory: http://www.mandriva.com/en/support/security/advisories/?dis=2010.1&name=MDVSA-2012:022
CC: (none) => dmorganec, jani.valimaa, pterjan
Looks like not only does nss have to be rebuilt with this package, this (updating rootcerts) is generally done in conjunction with Firefox updates and nss is updated for those too. There is a newer version of nss (now in Cauldron).
Blocks: (none) => 4405
(In reply to comment #1) > Just an additional note, the timezone package is typically updated when > rootcerts is, and although it wasn't updated in this MDV update, there is a > newer version of that available, so now would be a good time to update it as > well. Looks like that had already been updated in Mageia 1. It hadn't been updated in Cauldron though (strange). I just fixed that.
CC: jani.valimaa => (none)
Updated packages uploaded. Advisory: ======================== The rootcerts package was updated to allow updating from Mandriva 2010.2 Additionally, the nss package has been rebuilt to pick up the changes. References: http://www.mandriva.com/en/support/security/advisories/?dis=2010.1&name=MDVSA-2012:022 ======================== Updated packages in core/updates_testing: ======================== rootcerts-20120218.00-1.mga1 rootcerts-java-20120218.00-1.mga1 nss-3.13.1-0.3.mga1 nss-doc-3.13.1-0.3.mga1 libnss3-3.13.1-0.3.mga1 libnss-devel-3.13.1-0.3.mga1 libnss-static-devel-3.13.1-0.3.mga1 from SRPMS: rootcerts-20120218.00-1.mga1.src.rpm nss-3.13.1-0.3.mga1.src.rpm
Assignee: bugsquad => qa-bugs
Testing complete on i586 for the srpms rootcerts-20120218.00-1.mga1.src.rpm nss-3.13.1-0.3.mga1.src.rpm Testing normal usage of rpm, and web browsing. Also some of the examples from http://www.mozilla.org/projects/security/pki/nss/tools/certutil.html#1028724
CC: (none) => davidwhodgins
Testing complete Suggested Advisory: ------------- The rootcerts package was updated to allow updating from Mandriva 2010.2 Additionally, the nss package has been rebuilt to pick up the changes. References: http://www.mandriva.com/en/support/security/advisories/?dis=2010.1&name=MDVSA-2012:022 https://bugs.mageia.org/show_bug.cgi?id=4664 ------------- SRPMs: rootcerts-20120218.00-1.mga1.src.rpm nss-3.13.1-0.3.mga1.src.rpm Could sysadmin please push from core/updates_testing to core/updates Thankyou!
Keywords: (none) => validated_updateCC: (none) => sysadmin-bugs
Update pushed
Status: NEW => RESOLVEDCC: (none) => tmbResolution: (none) => FIXED