Scientific Linux Security Update : ca-certificates on SL6.x

This script is Copyright (C) 2012 Tenable Network Security, Inc.


Synopsis :

The remote Scientific Linux host is missing a security update.

Description :

This package contains the set of CA certificates chosen by the Mozilla
Foundation for use with the Internet Public Key Infrastructure (PKI).

It was found that a Certificate Authority (CA) issued fraudulent HTTPS
certificates. This update removes that CA's root certificate from the
ca-certificates package, rendering any HTTPS certificates signed by
that CA as untrusted.

All users should upgrade to this updated package. After installing the
update, all applications using the ca-certificates package must be
restarted for the changes to take effect.

See also :

http://www.nessus.org/u?2a4bb61f

Solution :

Update the affected ca-certificates package.

Risk factor :

High

Family: Scientific Linux Local Security Checks

Nessus Plugin ID: 61130 ()

Bugtraq ID:

CVE ID: