ca-certificates not in sync with newer releases

Bug #1257265 reported by Joel Merrick on 2013-12-03
262
This bug affects 2 people
Affects Status Importance Assigned to Milestone
ca-certificates (Ubuntu)
Undecided
Unassigned
Lucid
Undecided
Unassigned
Precise
Undecided
Unassigned
Quantal
Undecided
Unassigned
Saucy
Undecided
Unassigned

Bug Description

ca-certificates package in precise still at 20111211, whereas raring/saucy are at 20130119.

Changelog in newer shows revokations etc. that are not present in the precise LTS package.

May also apply to ca-certificates-java.

information type: Private Security → Public Security
Changed in ca-certificates (Ubuntu):
status: New → Confirmed
Changed in ca-certificates (Ubuntu):
status: Confirmed → Invalid
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package ca-certificates - 20130906ubuntu0.13.10.1

---------------
ca-certificates (20130906ubuntu0.13.10.1) saucy-security; urgency=medium

  * Update ca-certificates database to 20130906 (LP: #1257265):
    - backport changes from the Ubuntu 14.04 20130906ubuntu1 package
    - No longer ship cacert.org certificates (LP: #1258286)
    - mozilla/certdata2pem.py: Work around openssl issue by shipping both
      versions of the same signed roots. Previously, the script would
      simply overwrite the first one found in the certdata.txt with the
      later one since they both have the same CKA_LABEL, resulting in
      identical filenames. (LP: #1014640, LP: #1031333)
 -- Marc Deslauriers <email address hidden> Thu, 06 Feb 2014 17:04:56 -0500

Changed in ca-certificates (Ubuntu Saucy):
status: New → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package ca-certificates - 20130906ubuntu0.12.04.1

---------------
ca-certificates (20130906ubuntu0.12.04.1) precise-security; urgency=medium

  * Update ca-certificates database to 20130906 (LP: #1257265):
    - backport changes from the Ubuntu 14.04 20130906ubuntu1 package
    - No longer ship cacert.org certificates (LP: #1258286)
    - No longer ship obsolete debconf.org certificates
    - mozilla/certdata2pem.py: Work around openssl issue by shipping both
      versions of the same signed roots. Previously, the script would
      simply overwrite the first one found in the certdata.txt with the
      later one since they both have the same CKA_LABEL, resulting in
      identical filenames. (LP: #1014640, LP: #1031333)
 -- Marc Deslauriers <email address hidden> Thu, 06 Feb 2014 17:39:43 -0500

Changed in ca-certificates (Ubuntu Precise):
status: New → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package ca-certificates - 20130906ubuntu0.10.04.1

---------------
ca-certificates (20130906ubuntu0.10.04.1) lucid-security; urgency=medium

  * Update ca-certificates database to 20130906 (LP: #1257265, LP: #1271357):
    - backport changes from the Ubuntu 14.04 20130906ubuntu1 package
    - No longer ship cacert.org certificates (LP: #1258286)
    - No longer ship obsolete debconf.org certificates
    - No longer ship expired brasil.gov.br certificates
    - No longer ship expired signet.pl certificates
    - No longer ship gouv.fr certificates, now part of mozilla bundle
    - No longer ship telesec.de certificates, now part of mozilla bundle
    - mozilla/certdata2pem.py: Work around openssl issue by shipping both
      versions of the same signed roots. Previously, the script would
      simply overwrite the first one found in the certdata.txt with the
      later one since they both have the same CKA_LABEL, resulting in
      identical filenames. (LP: #1014640, LP: #1031333)
 -- Marc Deslauriers <email address hidden> Fri, 07 Feb 2014 13:58:53 -0500

Changed in ca-certificates (Ubuntu Lucid):
status: New → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package ca-certificates - 20130906ubuntu0.12.10.1

---------------
ca-certificates (20130906ubuntu0.12.10.1) quantal-security; urgency=medium

  * Update ca-certificates database to 20130906 (LP: #1257265):
    - backport changes from the Ubuntu 14.04 20130906ubuntu1 package
    - No longer ship cacert.org certificates (LP: #1258286)
    - No longer ship obsolete debconf.org certificates
    - mozilla/certdata2pem.py: Work around openssl issue by shipping both
      versions of the same signed roots. Previously, the script would
      simply overwrite the first one found in the certdata.txt with the
      later one since they both have the same CKA_LABEL, resulting in
      identical filenames. (LP: #1014640, LP: #1031333)
 -- Marc Deslauriers <email address hidden> Thu, 06 Feb 2014 17:23:27 -0500

Changed in ca-certificates (Ubuntu Quantal):
status: New → Fix Released
Changed in ca-certificates (Ubuntu):
assignee: nobody → firmanda gies alghiffary (al-ghiffary)
status: Invalid → New
status: New → Confirmed
status: Confirmed → Fix Released
Changed in ca-certificates (Ubuntu):
assignee: firmanda gies alghiffary (al-ghiffary) → nobody
status: Fix Released → Invalid
To post a comment you must log in.
This report contains Public Security information  Edit
Everyone can see this security related information.

Other bug subscribers