Is this supposed to be DSA-2201-1 and not DSA-2200-1? DSA-2200-1 already exists as an Iceweasel advisory..
On Wed, Aug 31, 2011 at 07:47:03PM +0200, Moritz Muehlenhoff wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > - ------------------------------------------------------------------------- > Debian Security Advisory DSA-2200-1 secur...@debian.org > http://www.debian.org/security/ Moritz Muehlenhoff > August 31, 2011 http://www.debian.org/security/faq > - ------------------------------------------------------------------------- > > Package : nss > Vulnerability : comprimised certificate authority > Problem type : local(remote) > Debian-specific: no > CVE ID : not available > > Several unauthorised SSL certificates have been found in the wild issued > for the DigiNotar Certificate Authority, obtained through a security > compromise with said company. Debian, like other software > distributors, has as a precaution decided to disable the DigiNotar > Root CA by default in the NSS crypto libraries. > > For the oldstable distribution (lenny), this problem has been fixed in > version 3.12.3.1-0lenny5. > > For the stable distribution (squeeze), this problem has been fixed in > version 3.12.8-1+squeeze2. > > For the unstable distribution (sid), this problem has been fixed in > version 3.12.11-2. > > We recommend that you upgrade your nss packages. > > Further information about Debian Security Advisories, how to apply > these updates to your system and frequently asked questions can be > found at: http://www.debian.org/security/ > > Mailing list: debian-security-annou...@lists.debian.org > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.11 (GNU/Linux) > > iEYEARECAAYFAk5ec2AACgkQXm3vHE4uylqWOgCePJ7ZxFxowQr+ashVepfiGkQr > jfUAni/Kbo0YSC9jq3qjrH8D0x3oPmKq > =H29c > -----END PGP SIGNATURE----- > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/