-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2010:032
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : rootcerts
 Date    : February 4, 2010
 Affected: 2008.0, 2009.0, 2009.1, 2010.0, Enterprise Server 5.0
 _______________________________________________________________________

 Problem Description:

 It was brought to our attention by Ludwig Nussel at SUSE that the MD5
 collision certificate should not be included. This update removes
 the offending certificate.

 Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers.

 The Mozilla NSS library has consequently been rebuilt to pick up these
 changes, and the rebuilt packages are also being provided.
 _______________________________________________________________________

 References:

 http://www.phreedom.org/research/rogue-ca/
 _______________________________________________________________________

 Updated Packages:
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi. The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security. You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFLasA8mqjQ0CJFipgRAvWTAJ9q+4DLAscYRneWfm/GEfwYzIWJngCglu3b
6Ze+ZosQNiAPdmdu0mRM2Pk=
=xf3+
-----END PGP SIGNATURE-----