| Summary: | app-misc/ca-certificates-20210119.3.64: cacert class3 certificate expired may 20, 2021 | ||
|---|---|---|---|
| Product: | Gentoo Linux | Reporter: | Stefan Huber <shuber> |
| Component: | Current packages | Assignee: | Gentoo's Team for Core System packages <base-system> |
| Status: | RESOLVED FIXED | ||
| Severity: | major | CC: | bertrand, gentoo, sam |
| Priority: | Normal | ||
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| URL: | http://blog.cacert.org/2021/05/re-signed-class-3-certificate-take-action-now/ | ||
| Whiteboard: | |||
| Package list: | Runtime testing required: | --- | |
|
Description
Stefan Huber
2021-05-21 08:57:29 UTC
Hrm, I think I addressed this via https://gitweb.gentoo.org/repo/gentoo.git/commit/dev-libs/nss?id=c2cc6f938e7d434886140bba6c0e96e27d09384a which should be also in use by ca-certificates... Need to check, app-misc/ca-certificates-20210119.3.64/image/usr/share/ca-certificates/cacert.org/cacert.org_class3.crt seems to be the old one :/ Are there any news to this issue? In my opinion there is a certain urgency and the fix is trivial: Switching to the new certificate. I think I now understand what went wrong: Various sources, including $URL, are pointing to https://www.cacert.org/index.php?id=3 which is still offering the old, now expired, certificate. :] The bug has been closed via the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=36eb48e212a6d2bbecc2af712a956eded8c76bbf commit 36eb48e212a6d2bbecc2af712a956eded8c76bbf Author: Thomas Deutschmann <whissi@gentoo.org> AuthorDate: 2021-05-28 19:07:42 +0000 Commit: Thomas Deutschmann <whissi@gentoo.org> CommitDate: 2021-05-28 19:16:21 +0000 app-misc/ca-certificates: update CAcert Root 3 certificate Closes: https://bugs.gentoo.org/791286 Package-Manager: Portage-3.0.19, Repoman-3.0.3 Signed-off-by: Thomas Deutschmann <whissi@gentoo.org> app-misc/ca-certificates/Manifest | 4 ++-- ...es-20210119.3.64.ebuild => ca-certificates-20210119.3.65.ebuild} | 6 +++--- app-misc/ca-certificates/metadata.xml | 3 +-- 3 files changed, 6 insertions(+), 7 deletions(-) Additionally, it has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=cbf168552e2bc2111b344be2f42e794a0146d48a commit cbf168552e2bc2111b344be2f42e794a0146d48a Author: Thomas Deutschmann <whissi@gentoo.org> AuthorDate: 2021-05-28 19:11:53 +0000 Commit: Thomas Deutschmann <whissi@gentoo.org> CommitDate: 2021-05-28 19:16:22 +0000 dev-libs/nss: update CAcert Root 3 certificate Bug: https://bugs.gentoo.org/791286 Package-Manager: Portage-3.0.19, Repoman-3.0.3 Signed-off-by: Thomas Deutschmann <whissi@gentoo.org> dev-libs/nss/Manifest | 2 +- dev-libs/nss/metadata.xml | 2 +- dev-libs/nss/{nss-3.63.1.ebuild => nss-3.63.1-r1.ebuild} | 4 ++-- dev-libs/nss/{nss-3.65.ebuild => nss-3.65-r1.ebuild} | 4 ++-- 4 files changed, 6 insertions(+), 6 deletions(-) (In reply to Thomas Deutschmann from comment #3) > I think I now understand what went wrong: Various sources, including $URL, > are pointing to https://www.cacert.org/index.php?id=3 which is still > offering the old, now expired, certificate. :] Thanks for fixing it. Just installed the new version. |
