10 matches found
OracleVM 3.3 : nss (OVMSA-2014-0014)
The remote OracleVM system is missing necessary patches to address critical security updates : - Added nss-vendor.patch to change vendor - Update some patches on account of the rebase - Resolves: Bug 1099619 - Backport nss-3.12.6 upstream fix required by Firefox 31 - Resolves: Bug 1099619 - Remov...
nss security update
3.15.3-3.0.1.el65 - Added nss-vendor.patch to change vendor 3.15.3-3 - Revoke trust in one mis-issued anssi certificate - Resolves: Bug 1042685 - nss: Mis-issued ANSSI/DCSSI certificate MFSA 2013-117 rhel-6.6...
Mandriva Update for rootcerts MDVSA-2013:003 (rootcerts)
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Microsoft Releases Security Advisory on Fraudulent Digital Certificates
Microsoft has released Security Advisory 2798897 in response to active attacks using fraudulent digital certificates issued by TURKTRUST Inc. These fraudulent certificates could be used to spoof content, perform phishing attacks, or perform man-in-the-middle attacks. This vulnerability affects al...
Microsoft Revokes Trust in 28 of Its Own Certificates
UPDATED–In the wake of the Flame malware attack, which involved the use of a fraudulent Microsoft digital certificate, the software giant has reviewed its certificates and found nearly 30 that aren’t as secure as the company would like and has revoked them. Microsoft also released its new updater...
DSA-2343-1 openssl - CA trust revocation
Bulletin has no description...
Malaysian CA Digicert Revokes Certs With Weak Keys, Mozilla Moves to Revoke Trust
UPDATED–A certificate authority in Malaysia has had to revoke 22 certificates it issued with weak keys and missing extensions. The problem has prompted Mozilla to revoke trust in the intermediate certificate authority from Digicert Sdn. Bhd., and Microsoft said it plans to take the same actions, ...
Dutch Government Sets Sept. 28 Kill Date for DigiNotar Certs
Adobe said on Friday that its products would soon reject certificates issued by the disgraced Dutch certificate authority DigiNotar following the Dutch government’s decision, Friday, to revoke DigiNotar PKIoverheid CA certificates used by government agencies on September 28. The news sets an...
Mozilla Asks Firefox CAs to Audit Security Systems in Wake of DigiNotar Hack
Already having revoked trust in the root certificates issued by DigiNotar, Mozilla is taking steps to avoid having to repeat that process with any other certificate authority trusted by Firefox, asking all of the CAs involved in the root program to conduct audits of their PKIs and verify that...
DigiNotar Hacker Says He Has GlobalSign Database Backups, Other Data
As GlobalSign continues the investigation into the claimed compromise of its CA infrastructure, the attacker who says he breached DigiNotar and Comodo said in another message on Pastebin Wednesday that not only did he hack GlobalSign, but he has the private key used to sign the certificate for th...