Debian Security Advisory
DSA-2343-1 openssl -- CA trust revocation
- Date Reported:
- 09 Nov 2011
- Affected Packages:
- Security database references:
- No other external database security references currently available.
- More information:
Several weak certificates were issued by Malaysian intermediate CA
Digicert Sdn. Bhd.This event, along with other issues, has lead to Entrust Inc. and Verizon Cybertrust to revoke the CA's cross-signed certificates.
This update to OpenSSL, a Secure Sockets Layer toolkit, reflects this decision by marking Digicert Sdn. Bhd.'s certificates as revoked.
For the oldstable distribution (lenny), this problem has been fixed in version 0.9.8g-15+lenny14.
For the stable distribution (squeeze), this problem has been fixed in version 0.9.8o-4squeeze4.
For the testing distribution (wheezy), this problem will be fixed soon.
For the unstable distribution (sid), this problem has been fixed in version 1.0.0e-2.1.
We recommend that you upgrade your openssl packages.