Security Information / 2011 / Security Information -- DSA-2199-1 iceape

Debian Security Advisory

DSA-2199-1 iceape -- ssl certificate blacklist update

Date Reported:

23 Mar 2011

Affected Packages:

iceape

Vulnerable:

Yes

Security database references:

No other external database security references currently available.

More information:

This update for the Iceape internet suite, an unbranded version of Seamonkey, updates the certificate blacklist for several fraudulent HTTPS certificates.

More details can be found in a blog posting by Jacob Appelbaum of the Tor project.

The oldstable distribution (lenny) is not affected. The iceape package only provides the XPCOM code.

For the stable distribution (squeeze), this problem has been fixed in version 2.0.11-4.

For the unstable distribution (sid), this problem has been fixed in version 2.0.13-1.

We recommend that you upgrade your iceape packages.