Recommended update for openssl-certs
| Announcement ID: | SUSE-RU-2016:1036-1 |
| Rating: | moderate |
| References: | #973042 |
| Affected Products: |
An update that has one recommended fix can now be installed.
Description:
The SSL Root Certificate store openssl-certs was updated to version 2.7 of
the Mozilla NSS certificate store. (bsc#973042)
- Newly added CAs:
* CA WoSign ECC Root
* Certification Authority of WoSign
* Certification Authority of WoSign G2
* Certinomis - Root CA
* Certum Trusted Network CA 2
* CFCA EV ROOT
* COMODO RSA Certification Authority
* DigiCert Assured ID Root G2
* DigiCert Assured ID Root G3
* DigiCert Global Root G2
* DigiCert Global Root G3
* DigiCert Trusted Root G4
* Entrust Root Certification Authority - EC1
* Entrust Root Certification Authority - G2
* GlobalSign
* GlobalSign
* IdenTrust Commercial Root CA 1
* IdenTrust Public Sector Root CA 1
* OISTE WISeKey Global Root GB CA
* QuoVadis Root CA 1 G3
* QuoVadis Root CA 2 G3
* QuoVadis Root CA 3 G3
* Staat der Nederlanden EV Root CA
* Staat der Nederlanden Root CA - G3
* S-TRUST Universal Root CA
* SZAFIR ROOT CA2
* TÃRKTRUST Elektronik Sertifika Hizmet SaÄlayıcısı H5
* TÃRKTRUST Elektronik Sertifika Hizmet SaÄlayıcısı H6
* USERTrust ECC Certification Authority
* USERTrust RSA Certification Authority
* æ²éæ ¹è¯ä¹¦
- Removed CAs:
* AOL CA
* A Trust nQual 03
* Buypass Class 3 CA 1
* CA Disig
* Digital Signature Trust Co Global CA 1
* Digital Signature Trust Co Global CA 3
* E Guven Kok Elektronik Sertifika Hizmet Saglayicisi
* NetLock Expressz (Class C) Tanusitvanykiado
* NetLock Kozjegyzoi (Class A) Tanusitvanykiado
* NetLock Minositett Kozjegyzoi (Class QA) Tanusitvanykiado
* NetLock Uzleti (Class B) Tanusitvanykiado
* SG TRUST SERVICES RACINE
* Staat der Nederlanden Root CA
* TC TrustCenter Class 2 CA II
* TC TrustCenter Universal CA I
* TDC Internet Root CA
* UTN DATACorp SGC Root CA
* Verisign Class 1 Public Primary Certification Authority - G2
* Verisign Class 3 Public Primary Certification Authority
* Verisign Class 3 Public Primary Certification Authority - G2
- Removed server trust from:
* AC RaÃz Certicámara S.A.
* ComSign Secured CA
* NetLock Uzleti (Class B) Tanusitvanykiado
* NetLock Business (Class B) Root
* NetLock Expressz (Class C) Tanusitvanykiado
* TC TrustCenter Class 3 CA II
* TURKTRUST Certificate Services Provider Root 1
* TURKTRUST Certificate Services Provider Root 2
* Equifax Secure Global eBusiness CA-1
* Verisign Class 4 Public Primary Certification Authority G3
- Enable server trust for:
* Actalis Authentication Root CA
Patch Instructions:
To install this SUSE Recommended Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Server 11-SP4:
zypper in -t patch slessp4-openssl-certs-12509=1 - SUSE Linux Enterprise Server 11-SP3-LTSS:
zypper in -t patch slessp3-openssl-certs-12509=1 - SUSE Linux Enterprise Server 11-SP2-LTSS:
zypper in -t patch slessp2-openssl-certs-12509=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Server 11-SP4 (noarch):
- openssl-certs-2.7-0.6.1
- SUSE Linux Enterprise Server 11-SP3-LTSS (noarch):
- openssl-certs-2.7-0.6.1
- SUSE Linux Enterprise Server 11-SP2-LTSS (noarch):
- openssl-certs-2.7-0.6.1