Security Information / 2011 / Security Information -- DSA-2203-1 nss

Debian Security Advisory

DSA-2203-1 nss -- ssl certificate blacklist update

Date Reported:

26 Mar 2011

Affected Packages:

nss

Vulnerable:

Yes

Security database references:

No other external database security references currently available.

More information:

This update for the Network Security Service libraries marks several fraudulent HTTPS certificates as unstrusted.

For the oldstable distribution (lenny), this problem has been fixed in version 3.12.3.1-0lenny4.

For the stable distribution (squeeze), this problem has been fixed in version 3.12.8-1+squeeze1.

For the unstable distribution (sid), this problem has been fixed in version 3.12.9.with.ckbi.1.82-1.

We recommend that you upgrade your nss packages.