SCIENTIFIC-LINUX-USERS Archives

September 2011

SCIENTIFIC-LINUX-USERS@LISTSERV.FNAL.GOV
Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
Re: {OT} Saga with certificates continues : "Hackers steal SSL certificates for CIA, MI6, Mossad"
From:
Pat Riehecky <[log in to unmask]>
Reply To:
Pat Riehecky <[log in to unmask]>
Date:
Tue, 6 Sep 2011 13:49:34 -0500
Content-Type:
text/plain
Parts/Attachments:
text/plain (38 lines) 
On 09/06/2011 07:19 AM, Frank Lanitz wrote:
> Am 06.09.2011 06:38, schrieb Franchisseur Robert:
>> -- Le (On) 2011-09-06 +0200 à (at) 00:53:39 Andreas Petzold écrivit (wrote): --
>>
>>> On Tuesday, September 06, 2011 00:26:22 Valerii D. wrote:
>>>> <snip>
>>>>
>>>> Yes. And the distribution is still the browser 3. 6. 2 without security
>>>> updates. And with a certificate from DigiNotar.
>>> TUV released the errata a week ago, so we can expect to see patched rpms from
>>> SL soon. In the meantime you can just delete the Diginotar CA from FF.
>>>
>>         You can't ! It seems it was deleted but if you re-open :
>>
>>         Edit -->  Preferences -->  Advanced -->  Encryption -->  View certificats -->  Authorities
>>
>>         it is still there !
>>
>>
> Don't delete them, just mark them as not trustworthy. This will help.
>
>
> Cheers,
> Frank
>
> P.S. Aren't the certifactes distributes within the ca-package which have
> at least been updated for 6.x?

Hello,

It looks like the errata pushed out on 9/1 and 9/2 should take care of 
this automatically.

http://listserv.fnal.gov/scripts/wa.exe?A2=ind1109&L=scientific-linux-errata&P=337
http://listserv.fnal.gov/scripts/wa.exe?A2=ind1109&L=scientific-linux-errata&P=1002

Pat

ATOM RSS1 RSS2