[SECURITY] Fedora 20 Update: ca-certificates-2014.2.2-1.0.fc20
updates at fedoraproject.org
updates at fedoraproject.org
Tue Jan 13 00:06:33 UTC 2015
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2014-17272
2014-12-19 17:11:01
--------------------------------------------------------------------------------
Name : ca-certificates
Product : Fedora 20
Version : 2014.2.2
Release : 1.0.fc20
URL : https://fedoraproject.org/wiki/CA-Certificates
Summary : The Mozilla CA root certificate bundle
Description :
This package contains the set of CA certificates chosen by the
Mozilla Foundation for use with the Internet PKI.
--------------------------------------------------------------------------------
Update Information:
This is an update to the set of CA certificates released with NSS version 3.17.3
However, the package modifies the CA list to keep several legacy CAs still trusted for compatibility reasons. Please refer to the project URL for details.
If you prefer to use the unchanged list provided by Mozilla, and if you accept any compatibility issues it may cause, an administrator may configure the system by executing the "ca-legacy disable" command.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Dec 16 2014 Kai Engert <kaie at redhat.com> - 2014.2.2-1.0
- Update to CKBI 2.2 from NSS 3.17.3 with legacy modifications
- Update project URL
* Thu Nov 20 2014 Kai Engert <kaie at redhat.com> - 2014.2.1-1.5
- Introduce the ca-legacy utility and a ca-legacy.conf configuration file.
By default, legacy roots required for OpenSSL/GnuTLS compatibility
are kept enabled. Using the ca-legacy utility, the legacy roots can be
disabled. If disabled, the system will use the trust set as provided
by the upstream Mozilla CA list. (See also: rhbz#1158197)
- Includes the fixes for rhbz#1158343
* Sun Sep 21 2014 Kai Engert <kaie at redhat.com> - 2014.2.1-1.1
- Temporarily re-enable several legacy root CA certificates because of
compatibility issues with software based on OpenSSL/GnuTLS,
see rhbz#1144808
* Thu Aug 14 2014 Kai Engert <kaie at redhat.com> - 2014.2.1-1.0
- Update to CKBI 2.1 from NSS 3.16.4
- Fix rhbz#1130226
* Wed Mar 19 2014 Kai Engert <kaie at redhat.com> - 2013.1.97-1
- Update to CKBI 1.97 from NSS 3.16
- Remove openjdk build dependency
* Thu Jan 9 2014 Kai Engert <kaie at redhat.com> - 2013.1.96-1
- Update to CKBI 1.96 from NSS 3.15.4
* Tue Dec 17 2013 Kai Engert <kaie at redhat.com> - 2013.1.95-1
- Update to CKBI 1.95 from NSS 3.15.3.1
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update ca-certificates' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
More information about the package-announce
mailing list