F-EOL versions of Firefox: How to remove co-opted Diginotar CA?

[Tom Horsley]

On Tue, 06 Sep 2011 08:18:34 -0700
Daniel B. Thurman wrote:

> Now...  I need to figure out how to do a backport of ca-certificates
> pkg so if anyone has any idea how this can be done, I am all ears...

My approach would be to download the source RPM for the old fedora,
do an rpmbuild -bp, then substitute the certificate data from
the source rpm for the new fedora and pick up the rpmbuild after
the -bp stage to really make the rpms with the patched certs.