Detections
Analytics

Debian DSA-2199-1 : iceape - ssl certificate blacklist update

high Nessus Plugin ID 52946

Language:

Synopsis

The remote Debian host is missing a security-related update.

Description

This update for the Iceape internet suite, an unbranded version of SeaMonkey, updates the certificate blacklist for several fraudulent HTTPS certificates.

More details can be found in a blog posting by Jacob Appelbaum of the Tor project.

The oldstable distribution (lenny) is not affected. The iceape package only provides the XPCOM code.

Solution

Upgrade the iceape packages.

For the stable distribution (squeeze), this problem has been fixed in version 2.0.11-4.

See Also

http://www.nessus.org/u?0859166b

https://packages.debian.org/source/squeeze/iceape

https://www.debian.org/security/2011/dsa-2199

Plugin Details

Severity: High

ID: 52946

File Name: debian_DSA-2199.nasl

Version: 1.11

Type: local

Agent: unix

Published: 3/24/2011

Updated: 1/4/2021

Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

Vulnerability Information

CPE: p-cpe:/a:debian:debian_linux:iceape, cpe:/o:debian:debian_linux:6.0

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Patch Publication Date: 3/23/2011

Reference Information

DSA: 2199