[El-errata] ELBA-2015-0948 Oracle Linux 6 ca-certificates bug fix and enhancement update

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Wed May 6 11:19:59 PDT 2015

Oracle Linux Bug Fix Advisory ELBA-2015-0948


The following updated rpms for Oracle Linux 6 have been uploaded to the 
Unbreakable Linux Network:




Description of changes:

- Update to CKBI 2.4 from NSS 3.18.1 with legacy modifications.

- Add an alternative version of the "Thawte Premium Server CA" root,
   which carries a SHA1-RSA signature, to allow OpenJDK to verify applets
   which contain that version of the root certificate (rhbz#1138230).
   This change doesn't add trust for another key, because both versions
   of the certificate use the same public key.

- Update to CKBI 2.3 from NSS 3.18 with legacy modifications.
- Add a patch to the source RPM that documents the changes from the
   upstream version.
- Introduce the ca-legacy utility, a manual page, and the ca-legacy.conf
   configuration file.
- The new scriptlets require the coreutils package.
- Remove the obsolete blacklist.txt file.

More information about the El-errata mailing list