Opened 6 days ago
Last modified 45 hours ago
#20012 assigned enhancement
nss-3.101.1 (Wait for next release)
Reported by: | Bruce Dubbs | Owned by: | Rahul Chandra |
---|---|---|---|
Priority: | normal | Milestone: | 99-Waiting |
Component: | BOOK | Version: | git |
Severity: | normal | Keywords: | |
Cc: |
Description
New point version.
Change History (4)
comment:1 by , 6 days ago
Owner: | changed from | to
---|---|
Status: | new → assigned |
comment:2 by , 6 days ago
comment:3 by , 6 days ago
Unfortunately nss-{server,email}-distrust-after cannot be stored into OpenSSL trust store (/etc/ssl/certs). OpenSSL does not understand these properties at all.
comment:4 by , 45 hours ago
Milestone: | 12.2 → 99-Waiting |
---|---|
Summary: | nss-3.101.1 → nss-3.101.1 (Wait for next release) |
Wait for next release
Note:
See TracTickets
for help on using tickets.
The only change is rejecting certificates issued by "GLOBALTRUST 2020" since Jun 30, 2024, because the CA failed to handle multiple security incidents properly: https://bugzilla.mozilla.org/show_bug.cgi?id=1893546
For BLFS users using pkcs11/p11-kit-trust.so as libnssckbi.so this update makes no difference. make-ca should have already updated the system trust store to include the info: