Summary: | app-misc/ca-certificates: Symantec trust | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Thomas Deutschmann (RETIRED) <whissi> |
Component: | Auditing | Assignee: | Gentoo Security Audit Team <security-audit> |
Status: | RESOLVED OBSOLETE | ||
Severity: | normal | CC: | arthur, base-system, bertrand |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://groups.google.com/a/chromium.org/forum/#!topic/blink-dev/eUAKwjihhBs | ||
See Also: | https://bugs.gentoo.org/show_bug.cgi?id=598072 | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- |
Description
Thomas Deutschmann (RETIRED)
2017-03-24 09:00:40 UTC
commit 6f25c0fc00d14fba2d2597039c3cb2334182eefd Author: Lars Wendler <polynomial-c@gentoo.org> Date: Fri Mar 24 10:28:50 2017 app-misc/ca-certificates: Revbump adding Symantec to insecure certs Gentoo bug #613714 Package-Manager: Portage-2.3.5, Repoman-2.3.2 Just for the records, the commit from comment #1 was reverted by a mask (via commit https://gitweb.gentoo.org/repo/gentoo.git/commit/profiles/package.mask?id=1d41acb61bc8807f1974a47c7232ce7a12821340) just a few minutes after the bump. Gentoo is awaiting action from any CAB member before changing trust for Symantec in Gentoo. Mozilla issues list: https://wiki.mozilla.org/CA:Symantec_Issues Mozilla discussion happening in several threads at https://lists.mozilla.org/listinfo/dev-security-policy (including series with subject of "Symantec Response [XYZ]" Next update expected on or before 20th of April (easter time extended deadline to Symantec) ca-certificates-20161130.3.30-r1 dropped. |