Remove expired AddTrust_External_Root.crt because it breaks software
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
ca-certificates (Ubuntu) |
Fix Released
|
Critical
|
Marc Deslauriers | ||
Xenial |
Fix Released
|
Critical
|
Marc Deslauriers | ||
Bionic |
Fix Released
|
Critical
|
Marc Deslauriers | ||
Eoan |
Fix Released
|
Critical
|
Marc Deslauriers | ||
Focal |
Fix Released
|
Critical
|
Marc Deslauriers | ||
Groovy |
Fix Released
|
Critical
|
Marc Deslauriers |
Bug Description
The AddTrust_
Data:
Version: 3 (0x2)
Serial Number: 1 (0x1)
Signature Algorithm: sha1WithRSAEncr
Issuer: C=SE, O=AddTrust AB, OU=AddTrust External TTP Network, CN=AddTrust External CA Root
Validity
Not Before: May 30 10:48:38 2000 GMT
Not After : May 30 10:48:38 2020 GMT
Subject: C=SE, O=AddTrust AB, OU=AddTrust External TTP Network, CN=AddTrust External CA Root
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
This causes various client-side errors on Ubuntu 16.04 machines, about SSL certificate expiration, using (lib)curl for instance. Ubuntu 18.04 and up seem OK.
Removing 'mozilla/
Changed in ca-certificates (Ubuntu Xenial): | |
importance: | Undecided → Critical |
Changed in ca-certificates (Ubuntu Bionic): | |
importance: | Undecided → Critical |
Changed in ca-certificates (Ubuntu Eoan): | |
importance: | Undecided → Critical |
Changed in ca-certificates (Ubuntu Focal): | |
importance: | Undecided → Critical |
Changed in ca-certificates (Ubuntu Groovy): | |
importance: | Undecided → Critical |
Changed in ca-certificates (Ubuntu Xenial): | |
status: | New → In Progress |
Changed in ca-certificates (Ubuntu Bionic): | |
status: | New → In Progress |
Changed in ca-certificates (Ubuntu Eoan): | |
status: | New → In Progress |
Changed in ca-certificates (Ubuntu Focal): | |
status: | New → In Progress |
Changed in ca-certificates (Ubuntu Groovy): | |
status: | Confirmed → In Progress |
Changed in ca-certificates (Ubuntu Xenial): | |
assignee: | nobody → Marc Deslauriers (mdeslaur) |
Changed in ca-certificates (Ubuntu Bionic): | |
assignee: | nobody → Marc Deslauriers (mdeslaur) |
Changed in ca-certificates (Ubuntu Eoan): | |
assignee: | nobody → Marc Deslauriers (mdeslaur) |
Changed in ca-certificates (Ubuntu Focal): | |
assignee: | nobody → Marc Deslauriers (mdeslaur) |
Changed in ca-certificates (Ubuntu Groovy): | |
assignee: | nobody → Marc Deslauriers (mdeslaur) |
Changed in ca-certificates (Ubuntu Groovy): | |
status: | Fix Committed → Fix Released |
Status changed to 'Confirmed' because the bug affects multiple users.