Mandriva Linux Security Advisory : rootcerts (MDVSA-2010:032)

High Nessus Plugin ID 44396


The remote Mandriva Linux host is missing one or more security updates.


It was brought to our attention by Ludwig Nussel at SUSE the md5 collision certificate should not be included. This update removes the offending certificate.

Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers.

The mozilla nss library has consequently been rebuilt to pickup these changes and are also being provided.


Update the affected packages.

See Also

Plugin Details

Severity: High

ID: 44396

File Name: mandriva_MDVSA-2010-032.nasl

Version: $Revision: 1.9 $

Type: local

Published: 2010/02/05

Modified: 2013/06/01

Dependencies: 12634

Risk Information

Risk Factor: High

Vulnerability Information

CPE: p-cpe:/a:mandriva:linux:lib64nss-devel, p-cpe:/a:mandriva:linux:lib64nss-static-devel, p-cpe:/a:mandriva:linux:lib64nss3, p-cpe:/a:mandriva:linux:libnss-devel, p-cpe:/a:mandriva:linux:libnss-static-devel, p-cpe:/a:mandriva:linux:libnss3, p-cpe:/a:mandriva:linux:nss, p-cpe:/a:mandriva:linux:rootcerts, p-cpe:/a:mandriva:linux:rootcerts-java, cpe:/o:mandriva:linux:2008.0, cpe:/o:mandriva:linux:2009.0, cpe:/o:mandriva:linux:2009.1, cpe:/o:mandriva:linux:2010.0

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/Mandrake/release, Host/Mandrake/rpm-list

Patch Publication Date: 2010/02/04

Reference Information

MDVSA: 2010:032