[SECURITY] [DLA 1244-1] ca-certificates update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 1244-1] ca-certificates update
From: Brian May <bam@debian.org>
Date: Tue, 16 Jan 2018 07:55:06 +1100
Message-id: <[🔎] 20180115205506.zfv7lghwatj4ujse@prune.linuxpenguins.xyz>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Package        : ca-certificates
Version        : 20130119+deb7u2
Debian Bug     : 858064 858539


This release does a complete update of the CA list. This includes
removing the StartCom and WoSign certificates to as they are now
untrusted by the major browser vendors.

This includes 1024-bit root certificates (#858064) and untrusted StartCom and
WoSign certificates (#858539) which have been removed, as they are deemed to
untrustworthy.

For Debian 7 "Wheezy", these problems have been fixed in version
20130119+deb7u2.

We recommend that you upgrade your ca-certificates packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEE1jZRJqkttWDGJ6ztF4RXf4EfbqwFAlpdFE8ACgkQF4RXf4Ef
bqxlHRAApvFjwJBLlemlbXvhLaaP6Fzae5jtNwBTsqL+oC27Evde+WNaoKvTsAi9
FxRLAXuz5d4emCLuNujFd9gyQofRn6lDtYgmw5Y9YdgDEIToH94pFLiHGZqFZv27
v5fLPW8wtu3itO2g+ITecbfzMQCmee9lWO1ODNq/ErWYWDazKR7jTZxBOpaAGFh6
naVi+DiKS5ET1zZdoOS0UvGi06MUHdbgIZlaX1L5XLjdIPEcX4Le53RI4acvVwUu
CxYYhLkSjGni9qQjuJa2KGNDPxfJ8Dd1pWm7Z0/X2esPAQobbQmDfomyIQwPz2qa
pT4suupQamJNearsktmOfuKG7Cnmdxd/lf0cS5pAlxpSGPsPrIIhN2/eZG9dYcHL
fD8n/1ZC2MGQ/HMxf+lVQ/loRKJk2mEDIkPGVWmhQwWIpmEr+/2xtdUgct0jDTzV
+RP6Q69DJ1lbiNzeHpfwWwjq2xIijWRP926DNIltqn9PuHVduXWhlGwpttnwpxK0
CcOenULpU4WmZF4LootGHgPcLmu3DFaXmkIgd2jcZy2SAvhutmjuEueujduepHff
mFJn9XsZjYivo/vf5sVj7Xk4SQCPhFjkZnz9twViQ3SULxc6TixaEqY7tIGh/4m9
s9EodDsZuwpqT+4i5njNfM+3BauFroU5On5cCzW8JJVYrMC8UCE=
=RBYf
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 1242-1] xmltooling security update
Next by Date: [SECURITY] [DLA 1245-1] graphicsmagick security update
Previous by thread: [SECURITY] [DLA 1242-1] xmltooling security update
Next by thread: [SECURITY] [DLA 1245-1] graphicsmagick security update
Index(es):
- Date
- Thread