Recommended update for ca-certificates-mozilla

SUSE Recommended Update: Recommended update for ca-certificates-mozilla
Announcement ID: SUSE-RU-2020:0596-1
Rating: moderate
References: #1010996 #1071152 #1071390 #1082318 #1100415 #1154871 #1160160
Affected Products:
  • SUSE Linux Enterprise Server 12-SP5
  • SUSE Linux Enterprise Server 12-SP4
  • SUSE Linux Enterprise Desktop 12-SP4
  • SUSE CaaS Platform 3.0

An update that has 7 recommended fixes can now be installed.

Description:

This update for ca-certificates-mozilla fixes the following issues:
The following non-security bugs were fixed:
Updated to 2.40 state of the Mozilla NSS Certificate store (bsc#1160160):
Removed certificates:

  • Certplus Class 2 Primary CA
  • Deutsche Telekom Root CA 2
  • CN=Swisscom Root CA 2
  • UTN-USERFirst-Client Authentication and Email

Added certificates:
  • Entrust Root Certification Authority - G4

  • Export correct p11kit trust attributes so Firefox detects built in certificates (bsc#1154871).
  • Updated to 2.24 state of the Mozilla NSS Certificate store (bsc#1100415).
  • Use %license instead of %doc (bsc#1082318).
  • Updated to 2.22 state of the Mozilla NSS Certificate store (bsc#1071152, bsc#1071390, bsc#1010996).

Patch Instructions:

To install this SUSE Recommended Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  • SUSE Linux Enterprise Server 12-SP5:
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-2020-596=1
  • SUSE Linux Enterprise Server 12-SP4:
    zypper in -t patch SUSE-SLE-SERVER-12-SP4-2020-596=1
  • SUSE Linux Enterprise Desktop 12-SP4:
    zypper in -t patch SUSE-SLE-DESKTOP-12-SP4-2020-596=1
  • SUSE CaaS Platform 3.0:
    To install this update, use the SUSE CaaS Platform Velum dashboard. It will inform you if it detects new updates and let you then trigger updating of the complete cluster in a controlled way.

Package List:

  • SUSE Linux Enterprise Server 12-SP5 (noarch):
    • ca-certificates-mozilla-2.40-12.20.1
  • SUSE Linux Enterprise Server 12-SP4 (noarch):
    • ca-certificates-mozilla-2.40-12.20.1
  • SUSE Linux Enterprise Desktop 12-SP4 (noarch):
    • ca-certificates-mozilla-2.40-12.20.1
  • SUSE CaaS Platform 3.0 (noarch):
    • ca-certificates-mozilla-2.40-12.20.1

References: