On Fri, Mar 25, 2011 at 11:40:48AM +0000, giff g wrote: > This is in response to DSA 2200-1 > http://lists.debian.org/debian-security-announce/2011/msg00068.html > The issue got fixed for iceweasel but to my understanding this still leaves > other browsers, libraries and tools that use TLS/SSL vulnerable. Therefore > the fraudulent certificates need to be blacklisted in ca-certificate as well.
And you have a clue for us on how to do that? Kind regards Philipp Kern -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org