Hi Jens,
Thanks. At least we are not the only bad luck one.
Cheers,
Mingchao
-----Original Message-----
From: Jensen, J (Jens) [mailto:[log in to unmask]]
Sent: 29 July 2008 17:42
To: Testbed Support for GridPP member institutes; GridPP Dteam
Subject: Re: New IGTF CAs release 1.24
Ma, M (Mingchao) wrote:
> At the moment, it is not clear why two versions are released in two
> days.
> Cheers,
> Mingchao
>
I can tell you that. One CA was found vulnerable to the Debian security
bug: /DC=TW/DC=ORG/DC=NCHC/CN=NCHC CA
That is the fourth CA I know about...
It was in 1.23 (the one where the UK old ones were taken out) but is now
taken out in 1.24. In the future, CA certificates will be checked for this
prior to the distribution being built.
Cheers
--jens
|