nss (3.12.9+ckbi-1.82-0ubuntu2.1) natty-security; urgency=low
* SECURITY UPDATE: Add patch from Debian version 3.12.11-3 rebased against
3.12.9 to remove the DigiNotar certificates and actively distrust them;
Thanks to Mike Hommey from Debian for the original patch (LP: #837557)
- mozilla/security/nss/lib/ckfw/builtins/certdata.*:
Explicitely distrust various DigiNotar CAs:
- DigiNotar Root CA
- DigiNotar Services 1024 CA
- DigiNotar Cyber CA
- DigiNotar Cyber CA 2nd
- DigiNotar PKIoverheid
- DigiNotar PKIoverheid G2
- mozilla/security/nss/lib/ckfw/builtins/certdata.*:
Remove DigiNotar Root CA.
-- Micah Gersten <email address hidden> Wed, 07 Sep 2011 15:15:37 -0500