Ma, M (Mingchao) wrote:
> At the moment, it is not clear why two versions are released in two
> days.
> Cheers,
> Mingchao
>
I can tell you that. One CA was found vulnerable to the Debian security
bug: /DC=TW/DC=ORG/DC=NCHC/CN=NCHC CA
That is the fourth CA I know about...
It was in 1.23 (the one where the UK old ones were taken out) but is now
taken out in 1.24. In the future, CA certificates will be checked for
this prior to the distribution being built.
Cheers
--jens
|