[El-errata] ELBA-2015-0964 Oracle Linux 7 ca-certificates bug fix and enhancement update
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Tue May 12 13:10:42 PDT 2015
Oracle Linux Bug Fix Advisory ELBA-2015-0964
http://linux.oracle.com/errata/ELBA-2015-0964.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
x86_64:
ca-certificates-2015.2.4-70.0.el7_1.noarch.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/ca-certificates-2015.2.4-70.0.el7_1.src.rpm
Description of changes:
[2015.2.4-70.0]
- Update to CKBI 2.4 from NSS 3.18.1 with legacy modifications.
[2015.2.3-70.0]
- Update to CKBI 2.3 from NSS 3.18 with legacy modifications.
- Add a patch to the source RPM that documents the changes from the
upstream version.
- Introduce the ca-legacy utility, a manual page, and the ca-legacy.conf
configuration file.
- The new scriptlets require the coreutils package.
- Remove the obsolete blacklist.txt file.
- Add an alternative version of the "Thawte Premium Server CA" root,
which carries a SHA1-RSA signature, to allow OpenJDK to verify applets
which contain that version of the root certificate.
This change doesn't add trust for another key, because both versions
of the certificate use the same public key (rhbz#1170982).
More information about the El-errata
mailing list