Mozilla Firefox Security Advisory (MFSA2013-20) - Linux

This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

ca-certificates-mozilla: add, remove or blacklist some certificates (important)

The Mozilla CA certificates package was updated to match the current Mozilla revision 1.95 of certdata.txt. It blacklists some misused certificate authorities, adds some new and adjusts some others. On openSUSE 13.1 a problem with names was also fixed. distrust: AC DG Tresor SSL bnc854367 new:...

France Government used Rogue Google SSL Digital Certificates to Spy on users

Google has found that the French government agency using unauthorized digital certificates for some of its own domains to perform man-in-the-middle attacks on a private network. Google security engineer Adam Langley described the incident as a "Serious Security breach", which was discovered in...

Mandriva Linux Security Advisory : nss (MDVSA-2013:050)

Google reported to Mozilla that TURKTRUST, a certificate authority in Mozillas root program, had mis-issued two intermediate certificates to customers. The issue was not specific to Firefox but there was evidence that one of the certificates was used for man-in-the-middle MITM traffic management ...

Apple Fixes OS X Flaw That Allowed Java Apps to Run With Plugin Disabled

Apple on Thursday released a large batch of security fixes for its OS X operating system, one of which patches a flaw that allowed Java Web Start applications to run even when users had Java disabled in the browser. OS X 10.8.3 fixes 21 total vulnerabilities, and also includes a new version of th...

Fedora 17 : ca-certificates-2012.87-1.fc17 (2013-0231)

Blacklist mis-issued TurkTrust CA certificates. This update includes the latest updates to the root Certificate Authority list from Mozilla. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to...

nss: Dis-trust TURKTRUST mis-issued *.google.com certificate

REJECTED CVE TURKTRUST, a certificate authority in Mozilla’s root program, had mis-issued two intermediate certificates to customers. One of the certificates was used for man-in-the-middle MITM traffic management of domain names that the customer did not legitimately own or control. An intermedia...

Apple Releases iOS 6.1 With Fixes for More Than 20 Vulnerabilities

Apple has fixed dozens of security vulnerabilities in iOS with the release of version 6.1, including a serious flaw in the kernel and a number of bugs in the WebKit framework. The company also revoked trust in the bad TurkTrust certificates that were discovered late last year. One of the key...

Apple iOS < 6.1 Multiple Vulnerabilities

Binary data appleios61check.nbin...

Fedora 16 : qt-4.8.4-6.fc16 (2013-0270)

This build fixes a security issues : - QSslSocket may report incorrect errors when certificate verification fails. For more information: http://lists.qt-project.org/pipermail/announce/2013-Janu ary/000020.html - blacklists unauthorized SSL certificates by Turktrust. For more information:...

Fedora 18 : qt-4.8.4-6.fc18 (2013-0199)

This build fixes a security issues : - QSslSocket may report incorrect errors when certificate verification fails. For more information: http://lists.qt-project.org/pipermail/announce/2013-Janu ary/000020.html - blacklists unauthorized SSL certificates by Turktrust. For more information:...

Ubuntu Update for nss USN-1687-1

Check for the Version of nss OpenVAS Vulnerability Test $Id: gbubuntuUSN16871.nasl 8526 2018-01-25 06:57:37Z teissa $ Ubuntu Update for nss USN-1687-1 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you c...

Mozilla Thunderbird 17.x < 17.0.2 Multiple Vulnerabilities

Binary data 801308.prm...

Mozilla Firefox 17.x <= 17 Multiple Vulnerabilities

Binary data 800108.prm...

Ubuntu Update for nspr USN-1687-2

Check for the Version of nspr OpenVAS Vulnerability Test $Id: gbubuntuUSN16872.nasl 8650 2018-02-03 12:16:59Z teissa $ Ubuntu Update for nspr USN-1687-2 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you...

Fedora 18 : ca-certificates-2012.87-1.fc18 (2013-0306)

Blacklist mis-issued TurkTrust CA certificates This update includes the latest updates to the root Certificate Authority list from Mozilla. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to...

Thunderbird 10.x < 10.0.12 Multiple Vulnerabilities (Mac OS X)

The installed version of Thunderbird 10.x is potentially affected by the following security issues : - Two intermediate certificates were improperly issued by TURKTRUST certificate authority. CVE-2013-0743 - A use-after-free error exists related to displaying HTML tables with many columns and...

Ubuntu 10.04 LTS / 11.10 / 12.04 LTS / 12.10 : nspr update (USN-1687-2)

USN-1687-1 fixed a vulnerability NSS. This update provides the NSPR needed to use the new NSS. Two intermediate CA certificates were mis-issued by the TURKTRUST certificate authority. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to view...

Firefox < 10.0.12 Multiple Vulnerabilities (Mac OS X)

The installed version of Firefox is earlier than 10.0.12 and thus, is potentially affected by the following security issues : - Two intermediate certificates were improperly issued by TURKTRUST certificate authority. CVE-2013-0743 - A use-after-free error exists related to displaying HTML tables...

Firefox ESR 17.x < 17.0.2 Multiple Vulnerabilities

The installed version of Firefox 17.x is potentially affected by the following security issues : - Two intermediate certificates were improperly issued by TURKTRUST certificate authority. CVE-2013-0743 - A use-after-free error exists related to displaying HTML tables with many columns and column...