Public bug reported: Pollinate ships entropy.ubuntu.com's public certificate for tighter security.
This certificate has been updated and pollinate needs to be updated. The previous certificate is expiring at Thursday, October 15, 2015 at 11:10:53 AM. [Impact] Any new 14.04 (Trusty) cloud instance with a down-level version of pollinate will fail to seed their PRNG from entropy.ubuntu.com, after Thursday, October 15, 2015 at 11:10:53 AM. [Test Case] Run: $ sudo pollinate -r to reseed your PRNG. If you have the old version of pollinate, you'll get certificate errors (See Comment #1), and it will exit non-zero. If you have the new version (already uploaded to ppa:pollinate/ppa, utopic, trusty-proposed), it will work again and exit zero (see Comment #2). [Regression Potential] Negligible. A single file is updated with a new public SSL certificate for https://entropy.ubuntu.com, in /etc/pollinate/entropy.ubuntu.com.pem ** Affects: pollinate (Ubuntu) Importance: High Assignee: Dustin Kirkland (kirkland) Status: In Progress ** Affects: pollinate (Ubuntu Trusty) Importance: High Assignee: Dustin Kirkland (kirkland) Status: In Progress ** Affects: pollinate (Ubuntu Vivid) Importance: High Assignee: Dustin Kirkland (kirkland) Status: In Progress ** Affects: pollinate (Ubuntu Wily) Importance: High Assignee: Dustin Kirkland (kirkland) Status: In Progress ** Description changed: Pollinate ships entropy.ubuntu.com's public certificate for tighter security. This certificate has been updated and pollinate needs to be updated. + The previous certificate is expiring at Thursday, October 15, 2015 at + 11:10:53 AM. [Impact] - Any new 14.04 (Trusty) cloud instance with a down-level version of pollinate will fail to seed their PRNG from entropy.ubuntu.com. + Any new 14.04 (Trusty) cloud instance with a down-level version of pollinate will fail to seed their PRNG from entropy.ubuntu.com, after Thursday, October 15, 2015 at 11:10:53 AM. [Test Case] Run: - $ sudo pollinate -r + $ sudo pollinate -r to reseed your PRNG. If you have the old version of pollinate, you'll get certificate errors (See Comment #1), and it will exit non-zero. If you have the new version (already uploaded to ppa:pollinate/ppa, utopic, trusty-proposed), it will work again and exit zero (see Comment #2). [Regression Potential] Negligible. A single file is updated with a new public SSL certificate for https://entropy.ubuntu.com, in /etc/pollinate/entropy.ubuntu.com.pem ** Changed in: pollinate (Ubuntu) Importance: Undecided => High ** Changed in: pollinate (Ubuntu) Status: New => In Progress ** Also affects: pollinate (Ubuntu Trusty) Importance: Undecided Status: New ** Also affects: pollinate (Ubuntu Wily) Importance: High Status: In Progress ** Also affects: pollinate (Ubuntu Vivid) Importance: Undecided Status: New ** Changed in: pollinate (Ubuntu Trusty) Status: New => In Progress ** Changed in: pollinate (Ubuntu Vivid) Status: New => In Progress ** Changed in: pollinate (Ubuntu Trusty) Importance: Undecided => High ** Changed in: pollinate (Ubuntu Vivid) Importance: Undecided => High ** Changed in: pollinate (Ubuntu Trusty) Assignee: (unassigned) => Dustin Kirkland (kirkland) ** Changed in: pollinate (Ubuntu Vivid) Assignee: (unassigned) => Dustin Kirkland (kirkland) ** Changed in: pollinate (Ubuntu Wily) Assignee: (unassigned) => Dustin Kirkland (kirkland) -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to pollinate in Ubuntu. https://bugs.launchpad.net/bugs/1483762 Title: [SRU] ship new public cert To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/pollinate/+bug/1483762/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
