[El-errata] ELBA-2015-0964 Oracle Linux 7 ca-certificates bug fix and enhancement update
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Tue May 12 13:10:42 PDT 2015
Oracle Linux Bug Fix Advisory ELBA-2015-0964
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
Description of changes:
- Update to CKBI 2.4 from NSS 3.18.1 with legacy modifications.
- Update to CKBI 2.3 from NSS 3.18 with legacy modifications.
- Add a patch to the source RPM that documents the changes from the
- Introduce the ca-legacy utility, a manual page, and the ca-legacy.conf
- The new scriptlets require the coreutils package.
- Remove the obsolete blacklist.txt file.
- Add an alternative version of the "Thawte Premium Server CA" root,
which carries a SHA1-RSA signature, to allow OpenJDK to verify applets
which contain that version of the root certificate.
This change doesn't add trust for another key, because both versions
of the certificate use the same public key (rhbz#1170982).
More information about the El-errata