(RHSA-2011:1248) Important: ca-certificates security update

ID RHSA-2011:1248
Type redhat
Reporter RedHat
Modified 2018-06-06T20:24:14


This package contains the set of CA certificates chosen by the Mozilla Foundation for use with the Internet Public Key Infrastructure (PKI).

It was found that a Certificate Authority (CA) issued fraudulent HTTPS certificates. This update removes that CA's root certificate from the ca-certificates package, rendering any HTTPS certificates signed by that CA as untrusted. (BZ#734381)

All users should upgrade to this updated package. After installing the update, all applications using the ca-certificates package must be restarted for the changes to take effect.