openSUSE Security Update : ca-certificates-mozilla (openSUSE-SU-2013:1891-1)

This script is Copyright (C) 2014 Tenable Network Security, Inc.


Synopsis :

The remote openSUSE host is missing a security update.

Description :

The Mozilla CA certificates package was updated to match the current
Mozilla revision 1.95 of certdata.txt.

It blacklists some misused certificate authorities, adds some new and
adjusts some others.

On openSUSE 13.1 a problem with names was also fixed.

- distrust: AC DG Tresor SSL (bnc#854367)

- new:
CA_Disig_Root_R1:2.9.0.195.3.154.238.80.144.110.40.crt
server auth, code signing, email signing

- new:
CA_Disig_Root_R2:2.9.0.146.184.136.219.176.138.193.99.cr
t server auth, code signing, email signing

- new:
China_Internet_Network_Information_Center_EV_Certificate
s_Root:2.4.72.159.0.1.crt server auth

- changed:
Digital_Signature_Trust_Co._Global_CA_1:2.4.54.112.21.15
0.crt removed code signing and server auth abilities

- changed:
Digital_Signature_Trust_Co._Global_CA_3:2.4.54.110.211.2
06.crt removed code signing and server auth abilities

- new: D-TRUST_Root_Class_3_CA_2_2009:2.3.9.131.243.crt
server auth

- new: D-TRUST_Root_Class_3_CA_2_EV_2009:2.3.9.131.244.crt
server auth

- removed:
Equifax_Secure_eBusiness_CA_2:2.4.55.112.207.181.crt

- new: PSCProcert:2.1.11.crt server auth, code signing,
email signing

- new:
Swisscom_Root_CA_2:2.16.30.158.40.232.72.242.229.239.195
.124.74.30.90.24.103.182.crt server auth, code signing,
email signing

- new:
Swisscom_Root_EV_CA_2:2.17.0.242.250.100.226.116.99.211.
141.253.16.29.4.31.118.202.88.crt server auth, code
signing

- changed:
TC_TrustCenter_Universal_CA_III:2.14.99.37.0.1.0.2.20.14
1.51.21.2.228.108.244.crt removed all abilities

- new:
TURKTRUST_Certificate_Services_Provider_Root_2007:2.1.1.
crt server auth, code signing

- changed: TWCA_Root_Certification_Authority:2.1.1.crt
added code signing ability

See also :

http://lists.opensuse.org/opensuse-updates/2013-12/msg00074.html
https://bugzilla.novell.com/show_bug.cgi?id=854163
https://bugzilla.novell.com/show_bug.cgi?id=854367

Solution :

Update the affected ca-certificates-mozilla package.

Risk factor :

High

Family: SuSE Local Security Checks

Nessus Plugin ID: 75233 ()

Bugtraq ID:

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now