Moderate CentOS ca-certificates Update

Metadata

medium
unknown
ca-certificates-2013.1.95-65.1.el6_5.noarch.rpm, ca-certificates-2013.1.95-65.1.el6_5.src.rpm
rhn.redhat.com, lists.centos.org
2013-12-20
2017-07-27 19:06
2017-04-01 19:07
2017-01-05 20:11

Description


An updated ca-certificates package that fixes one security issue is now
available for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having moderate
security impact.

This package contains the set of CA certificates chosen by the Mozilla
Foundation for use with the Internet Public Key Infrastructure (PKI).

It was found that a subordinate Certificate Authority (CA) mis-issued an
intermediate certificate, which could be used to conduct man-in-the-middle
attacks. This update renders that particular intermediate certificate as
untrusted. (BZ#1038894)

All users should upgrade to this updated package. After installing the
update, all applications using the ca-certificates package must be
restarted for the changes to take effect.
Please see https://www.redhat.com/footer/terms-of-use.html

Am I vulnerable?

The constraints below list the versions that this vulnerability is patched in, and versions that are unaffected. If a patch is ready but unrealeased, then it is pending.

Or, you can just let us figure it out for you! Appcanary continously monitor your installed packages, and tell you if any of them are vulnerable.

Sign up for monitoring

Affected package information

Release Package Patched in
6 ca-certificates ca-certificates-2013.1.95-65.1.el6_5.noarch.rpm
ca-certificates ca-certificates-2013.1.95-65.1.el6_5.src.rpm