Mandriva Update For Rootcerts MDVSA-2010:032 (rootcerts) Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

It was brought to our attention by Ludwig Nussel at SUSE the md5 collision certificate should not be included. This update removes the offending certificate. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The mozilla nss library has consequently been rebuilt to pickup these changes and are also being provided.

Affected

rootcerts on Mandriva Linux 2008.0, Mandriva Linux 2008.0/X86_64, Mandriva Linux 2009.0, Mandriva Linux 2009.0/X86_64, Mandriva Linux 2009.1, Mandriva Linux 2009.1/X86_64, Mandriva Linux 2010.0, Mandriva Linux 2010.0/X86_64, Mandriva Enterprise Server 5, Mandriva Enterprise Server 5/X86_64

Severity

Classification

CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Mandrake Security Advisory MDVSA-2009:127 (gaim)
Mandrake Security Advisory MDVSA-2009:174 (perl-Compress-Raw-Zlib)
Mandrake Security Advisory MDVSA-2009:105 (memcached)
Mandrake Security Advisory MDVSA-2009:172 (dhcp)
Mandrake Security Advisory MDVSA-2009:007 (ntp)

Mandriva Update for rootcerts MDVSA-2010:032 (rootcerts)

Take action and discover your vulnerabilities