[USN-1197-5] CA Certificates vulnerability
Posted on 09 September 2011
============================================================================
Ubuntu Security Notice USN-1197-5
September 09, 2011
ca-certificates vulnerability
============================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 11.04
- Ubuntu 10.10
- Ubuntu 10.04 LTS
Summary:
A certificate authority mis-issued fraudulent certificates.
Software Description:
- ca-certificates: Common CA certificates
Details:
USN-1197-1 addressed an issue in Firefox and Xulrunner pertaining to the
Dutch Certificate Authority DigiNotar mis-issuing fraudulent certificates.
This update provides the corresponding update for ca-certificates.
Original advisory details:
It was discovered that Dutch Certificate Authority DigiNotar, had
mis-issued multiple fraudulent certificates. These certificates could allow
an attacker to perform a "man in the middle" (MITM) attack which would make
the user believe their connection is secure, but is actually being
monitored.

For the protection of its users, Mozilla has removed the DigiNotar
certificate. Sites using certificates issued by DigiNotar will need to seek
another certificate vendor.

We are currently aware of a regression that blocks one of two Staat der
Nederlanden root certificates which are believed to still be secure. This
regression is being tracked at https://launchpad.net/bugs/838322.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 11.04:
ca-certificates 20090814+nmu2ubuntu0.1
Ubuntu 10.10:
ca-certificates 20090814ubuntu0.10.10.1
Ubuntu 10.04 LTS:
ca-certificates 20090814ubuntu0.10.04.1
After a standard system update you need to restart any application using
ca-certificates to make all the necessary changes.
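A post-update check, added here as an example and not part of the Ubuntu advisory: it loads the system CA bundle and lists any trusted entry whose subject or issuer still names DigiNotar, while leaving the Staat der Nederlanden roots unflagged. The bundle path, the function names and the sample entries are assumptions made for this example.

```python
import ssl
import sys

# Assumption: path of the consolidated bundle built by update-ca-certificates.
BUNDLE = "/etc/ssl/certs/ca-certificates.crt"

def name_to_dict(rdns):
    """Flatten ssl's nested RDN tuples into {attribute: [values]}."""
    out = {}
    for rdn in rdns:
        for key, value in rdn:
            out.setdefault(key, []).append(value)
    return out

def flag_roots(ca_certs, needle="diginotar"):
    """Return (commonName, serial) of entries whose subject or issuer names the CA."""
    hits = []
    for cert in ca_certs:
        subject = name_to_dict(cert.get("subject", ()))
        issuer = name_to_dict(cert.get("issuer", ()))
        values = [v for names in (subject, issuer) for vs in names.values() for v in vs]
        if any(needle in v.lower() for v in values):
            hits.append((subject.get("commonName", ["<no CN>"])[0], cert.get("serialNumber", "")))
    return hits

def audit_bundle(path=BUNDLE):
    """Load a PEM bundle and report trusted CA entries that match."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.load_verify_locations(cafile=path)  # cafile is parsed immediately
    return flag_roots(ctx.get_ca_certs())

def _name(org, cn):
    return ((("countryName", "NL"),), (("organizationName", org),), (("commonName", cn),))

# Constructed sample in the shape SSLContext.get_ca_certs() returns; serials are placeholders.
SAMPLE = [
    {"subject": _name("DigiNotar", "DigiNotar Root CA"),
     "issuer": _name("DigiNotar", "DigiNotar Root CA"), "serialNumber": "00"},
    {"subject": _name("Staat der Nederlanden", "Staat der Nederlanden Root CA"),
     "issuer": _name("Staat der Nederlanden", "Staat der Nederlanden Root CA"), "serialNumber": "01"},
]

if __name__ == "__main__":
    hits = audit_bundle(sys.argv[1] if len(sys.argv) > 1 else BUNDLE)
    for cn, serial in hits:
        print(f"still trusted: {cn} (serial {serial})")
    sys.exit(1 if hits else 0)
```

A non-zero exit status means a matching entry is still in the bundle. Applications that loaded the old bundle before the update keep it in memory until they are restarted.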
References:
http://www.ubuntu.com/usn/usn-1197-5
http://www.ubuntu.com/usn/usn-1197-1
https://launchpad.net/bugs/837557
Package Information:
https://launchpad.net/ubuntu/+source/ca-certificates/20090814+nmu2ubuntu0.1
https://launchpad.net/ubuntu/+source/ca-certificates/20090814ubuntu0.10.10.1
https://launchpad.net/ubuntu/+source/ca-certificates/20090814ubuntu0.10.04.1
------------