Update ca-certificates with latest NSS roots
Bug #1900727 reported by
Quentin Bracken
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
ca-certificates (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
Please refresh the default ca-certificates package with the latest NSS roots?
Specifically, we would like to ensure these two roots from NSS 3.54 (26 June 2020) are included in the package:
Bug 1641716 - Microsoft ECC Root Certificate Authority 2017
SHA-256 Fingerprint: 358DF39D764AF9E
Bug 1641716 - Microsoft RSA Root Certificate Authority 2017
SHA-256 Fingerprint: C741F70F4B2A8D8
To post a comment you must log in.
This bug was fixed in the package ca-certificates - 20201027ubuntu0 .20.10. 1
--------------- 0.20.10. 1) groovy-security; urgency=medium
ca-certificates (20201027ubuntu
* mozilla/ {certdata. txt,nssckbi. h}:
Update Mozilla certificate authority bundle to version 2.44.
(LP: #1900727)
The following certificate authorities were added (+):
+ "Microsoft ECC Root Certificate Authority 2017"
+ "Microsoft RSA Root Certificate Authority 2017"
+ "e-Szigno Root CA 2017"
+ "certSIGN Root CA G2"
+ "Trustwave Global Certification Authority"
+ "Trustwave Global ECC P256 Certification Authority"
+ "Trustwave Global ECC P384 Certification Authority"
The following certificate authorities were removed (-):
- "Verisign Class 3 Public Primary Certification Authority - G3"
- "Taiwan GRCA"
- "Staat der Nederlanden Root CA - G2"
- "EE Certification Centre Root CA"
- "LuxTrust Global Root 2"
- "OISTE WISeKey Global Root GA CA"
-- Marc Deslauriers <email address hidden> Tue, 27 Oct 2020 07:37:00 -0400