Mozilla to Support Key Pinning in Firefox 32

Mozilla is planning to add support for public-key pinning in its Firefox browser in an upcoming version. In version 32, which would be the next stable version of the browser, Firefox will have key pins for a long list of sites, including many of Mozilla’s own sites, all of the sites pinned in...

openSUSE Security Update : MozillaThunderbird (MozillaThunderbird-5120)

This update brings Mozilla Thunderbird to 3.1.13. The purpose of this update is to blacklist the compromised DigiNotar Certificate Authority. For more information read: MFSA 2011-34 http://www.mozilla.org/security/announce/2011/mfsa2011-34.html %NASLMINLEVEL 70300 C Tenable Network Security, Inc...

openSUSE Security Update : mozilla-js192 (mozilla-js192-5127)

This update brings Mozilla XULRunner to 1.9.2.22 The purpose of this update is to blacklist the compromised DigiNotar Certificate Authority. For more information read: MFSA 2011-34 http://www.mozilla.org/security/announce/2011/mfsa2011-34.html %NASLMINLEVEL 70300 C Tenable Network Security, Inc...

openSUSE Security Update : seamonkey (seamonkey-5122)

This update brings Mozilla SeaMonkey to 2.3.3. The purpose of this update is to blacklist the compromised DigiNotar Certificate Authority. For more information read: MFSA 2011-34 http://www.mozilla.org/security/announce/2011/mfsa2011-34.html %NASLMINLEVEL 70300 C Tenable Network Security, Inc. Th...

openSUSE Security Update : seamonkey (seamonkey-5122)

This update brings Mozilla SeaMonkey to 2.3.3. The purpose of this update is to blacklist the compromised DigiNotar Certificate Authority. For more information read: MFSA 2011-34 http://www.mozilla.org/security/announce/2011/mfsa2011-34.html %NASLMINLEVEL 70300 C Tenable Network Security, Inc. Th...

openSUSE Security Update : libfreebl3 (openSUSE-SU-2011:1024-1)

This update updates mozilla nss to 3.12.11. It blacklists the lately compromised DigiNotar Certificate Authority. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update libfreebl3-5097. The text...

openSUSE Security Update : ca-certificates-mozilla (openSUSE-SU-2011:0994-1)

This updates includes the latest SSL root certificates trusted by Mozilla as of 2011-08-31. This includes removing the DigiNotar CA. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...

openSUSE Security Update : ca-certificates-mozilla (openSUSE-SU-2011:0994-1)

This updates includes the latest SSL root certificates trusted by Mozilla as of 2011-08-31. This includes removing the DigiNotar CA. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...

openSUSE Security Update : libfreebl3 (openSUSE-SU-2011:1024-1)

This update updates mozilla nss to 3.12.11. It blacklists the lately compromised DigiNotar Certificate Authority. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update libfreebl3-5097. The text...

openSUSE Security Update : MozillaFirefox (MozillaFirefox-5118)

This update brings Mozilla Firefox to 3.6.22 The purpose of this update is to blacklist the compromised DigiNotar Certificate Authority. For more information read: MFSA 2011-34 http://www.mozilla.org/security/announce/2011/mfsa2011-34.html %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...

openSUSE Security Update : MozillaThunderbird (MozillaThunderbird-5120)

This update brings Mozilla Thunderbird to 3.1.13. The purpose of this update is to blacklist the compromised DigiNotar Certificate Authority. For more information read: MFSA 2011-34 http://www.mozilla.org/security/announce/2011/mfsa2011-34.html %NASLMINLEVEL 70300 C Tenable Network Security, Inc...

openSUSE Security Update : MozillaFirefox (openSUSE-SU-2011:1031-1)

This update brings Mozilla Firefox to 6.0.2. The purpose of this update is to blacklist the compromised DigiNotar Certificate Authority. For more information read: MFSA 2011-34 http://www.mozilla.org/security/announce/2011/mfsa2011-34.html %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...

VMware Security Update Fixes DoS, Other Vulnerabilities

Virtualization software maker VMware shipped a security update for its vSphere API yesterday that resolved a denial of service vulnerability in ESX and ESXi, as well as adding a number of open source security updates to the ESX Service Console. The patch affects the following releases: VMware ESX...

Final Report on DigiNotar Hack Shows Total Compromise of CA Servers

The attacker who penetrated the Dutch CA DigiNotar last year had complete control of all eight of the company’s certificate-issuing servers during the operation and he may also have issued some rogue certificates that have not yet been identified. The final report from a security company...

Deep Packet Inspection Firm Cyberoam Issues Fix Following Private Key Leak

Network security firm Cyberoam issued an over the air update for all of its Deep Packet Inspection DPI devices today after a decrypted version of the company’s universal private key was leaked online over the weekend. The New Jersey-based company pushed the hotfix after an anonymous commenter...

Mac OS X Certificate Trust Policy Information Disclosure Vulnerability (2011-005)

This host is missing an important security update according to Mac OS X 10.6.8 Update/Mac OS X Security Update 2011-005. OpenVAS Vulnerability Test $Id: gbmacosxsu11-005.nasl 6521 2017-07-04 14:51:10Z cfischer $ Mac OS X Certificate Trust Policy Information Disclosure Vulnerability 2011-005...

Mac OS X Certificate Trust Policy Information Disclosure Vulnerability (2011-005)

This host is missing an important security update according to Mac OS X 10.6.8 Update/Mac OS X Security Update 2011-005. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

Dutch Government Asks for €8.7 to Reimburse Diginotar Debacle

The Dutch government has asked DigiNotar, the Dutch certificate authority that was broken into last summer, for €8.7 million $11M USD to recoup money it spent buying new certificates, according to several Dutch news reports. The Dutch interior ministry asked for €1 million in January, yet the...

Ubuntu: Security Advisory (USN-1197-8)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 11.10 : ca-certificates-java regression (USN-1197-8)

USN-1197-7 fixed a vulnerability in ca-certificates-java. The new package broke upgrades from Ubuntu 11.04 to Ubuntu 11.10. This update fixes the problem. We apologize for the inconvenience. It was discovered that Dutch Certificate Authority DigiNotar had mis-issued multiple fraudulent...