Comment 25 for bug 153625

1. Impact: programs doing certificate validation using openssl root certificates shipped with the distribution stop working with encrypted connections if ca-certificates was installed in a pt_BR locale. Examples: wget, curl, landscape-client.
2. The problem was a variable that was wrongly tagged to be translated. It just happened that the pt_BR translation was the first one to hit it. The fix is in hardy, package version 20070303-0ubuntu1
3. Patch is available in this report, as well in the aforementioned package, and attached to upstream debian report. I understand that the final patch is slightly different due to policies.
4. TEST CASE: see comment at https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/153625/comments/12
5. Possible, unverified regression, is that users loose whatever certificates they may have marked as trusted before, i.e., they would have to go through the list again in the worst case scenario. But since the default behavior of this package is to mark all certs as trusted, I don't expect many users would have a custom list. I also personally didn't test if a simple upgrade is enough to fix this issue for users who already have the broken package. This is my first SRU request: I'm not sure if I have to do these tests or if some QA team will do it.
Finally, I also didn't check if previous Ubuntu releases have this bug too. I only know of Gutsy and Hardy, which I have installed.