ELBA-2024-5691

ELBA-2024-5691 - ca-certificates bug fix and enhancement update

Type:BUG
Severity:NA
Release Date:2024-08-21

Description


[2024.2.69_v8.0.303-91.4]
- update-ca-trust: return warnings on a unsupported argument instead of error

[2024.2.69_v8.0.303-91.3]
- Temporarily generate the directory-hash files in %install ...(next item)
- Add list of ghost files from directory-hash to %files

[2024.2.69_v8.0.303-91.2]
- Remove write permissions from directory-hash

[2024.2.69_v8.0.303-91.1]
- Reduce dependency on p11-kit to only the trust subpackage
- Own the Directory-hash directory

[2024.2.69_v8.0.303-91.0]
- Fix release number

[2024.2.69_v8.0.303-91]
- Update to CKBI 2.69_v8.0.303 from NSS 3.101.1
- GLOBALTRUST 2020 root CA certificate set CKA_NSS_{SERVER|EMAIL}_DISTRUST_AFTER

[2024.2.68_v8.0.302-91]
- Update to CKBI 2.68_v8.0.302 from NSS 3.101
- Removing:
- # Certificate 'Verisign Class 1 Public Primary Certification Authority - G3'
- # Certificate 'Verisign Class 2 Public Primary Certification Authority - G3'
- # Certificate 'Security Communication Root CA'
- # Certificate 'Camerfirma Chambers of Commerce Root'
- # Certificate 'Hongkong Post Root CA 1'
- # Certificate 'Autoridad de Certificacion Firmaprofesional CIF A62634068'
- # Certificate 'Symantec Class 1 Public Primary Certification Authority - G6'
- # Certificate 'Symantec Class 2 Public Primary Certification Authority - G6'
- # Certificate 'TrustCor RootCert CA-1'
- # Certificate 'TrustCor RootCert CA-2'
- # Certificate 'TrustCor ECA-1'
- # Certificate 'FNMT-RCM'
- Adding:
- # Certificate 'LAWtrust Root CA2 (4096)'
- # Certificate 'Sectigo Public Email Protection Root E46'
- # Certificate 'Sectigo Public Email Protection Root R46'
- # Certificate 'Sectigo Public Server Authentication Root E46'
- # Certificate 'Sectigo Public Server Authentication Root R46'
- # Certificate 'SSL.com TLS RSA Root CA 2022'
- # Certificate 'SSL.com TLS ECC Root CA 2022'
- # Certificate 'SSL.com Client ECC Root CA 2022'
- # Certificate 'SSL.com Client RSA Root CA 2022'
- # Certificate 'Atos TrustedRoot Root CA ECC G2 2020'
- # Certificate 'Atos TrustedRoot Root CA RSA G2 2020'
- # Certificate 'Atos TrustedRoot Root CA ECC TLS 2021'
- # Certificate 'Atos TrustedRoot Root CA RSA TLS 2021'
- # Certificate 'TrustAsia Global Root CA G3'
- # Certificate 'TrustAsia Global Root CA G4'
- # Certificate 'CommScope Public Trust ECC Root-01'
- # Certificate 'CommScope Public Trust ECC Root-02'
- # Certificate 'CommScope Public Trust RSA Root-01'
- # Certificate 'CommScope Public Trust RSA Root-02'
- # Certificate 'D-Trust SBR Root CA 1 2022'
- # Certificate 'D-Trust SBR Root CA 2 2022'
- # Certificate 'Telekom Security SMIME ECC Root 2021'
- # Certificate 'Telekom Security TLS ECC Root 2020'
- # Certificate 'Telekom Security SMIME RSA Root 2023'
- # Certificate 'Telekom Security TLS RSA Root 2023'
- # Certificate 'FIRMAPROFESIONAL CA ROOT-A WEB'
- # Certificate 'SECOM Trust.net'
- # Certificate 'Chambers of Commerce Root'
- # Certificate 'VeriSign Class 2 Public Primary Certification Authority - G3'
- # Certificate 'SSL.com Code Signing RSA Root CA 2022'
- # Certificate 'SSL.com Code Signing ECC Root CA 2022'

[2024.2.68_v8.0.302-91.0]
- update-ca-trust: Fix bug in update-ca-trust so we don't depened on util-unix

[2024.2.68_v8.0.302-91.0]
- Skip %post if getopt is missing (recent change made update-ca-trust use it)

[2024.2.68_v8.0.302-91.0]
- update-ca-trust: Support --output and non-root operation (rhbz#2241240)

[2024.2.68_v8.0.302-91.0]
- update License: field to SPDX




Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By AdvisoryChannel Label
Oracle Linux 9 (aarch64) ca-certificates-2024.2.69_v8.0.303-91.4.el9_4.src.rpmc02f9ca887c54f8ef0bb81446ec5e93c-ol9_aarch64_baseos_latest
ca-certificates-2024.2.69_v8.0.303-91.4.el9_4.src.rpmc02f9ca887c54f8ef0bb81446ec5e93c-ol9_aarch64_u4_baseos_patch
ca-certificates-2024.2.69_v8.0.303-91.4.el9_4.noarch.rpm1e08f54da93e564bfbbbd4f3d2798712-ol9_aarch64_baseos_latest
ca-certificates-2024.2.69_v8.0.303-91.4.el9_4.noarch.rpm1e08f54da93e564bfbbbd4f3d2798712-ol9_aarch64_u4_baseos_patch
Oracle Linux 9 (x86_64) ca-certificates-2024.2.69_v8.0.303-91.4.el9_4.src.rpmc02f9ca887c54f8ef0bb81446ec5e93c-ol9_x86_64_baseos_latest
ca-certificates-2024.2.69_v8.0.303-91.4.el9_4.src.rpmc02f9ca887c54f8ef0bb81446ec5e93c-ol9_x86_64_u4_baseos_patch
ca-certificates-2024.2.69_v8.0.303-91.4.el9_4.noarch.rpm1e08f54da93e564bfbbbd4f3d2798712-ol9_x86_64_baseos_latest
ca-certificates-2024.2.69_v8.0.303-91.4.el9_4.noarch.rpm1e08f54da93e564bfbbbd4f3d2798712-ol9_x86_64_u4_baseos_patch


This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections:

software.hardware.complete