[El-errata] ELBA-2024-5691 Oracle Linux 9 ca-certificates bug fix and enhancement update
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Thu Aug 22 14:02:12 UTC 2024
Oracle Linux Bug Fix Advisory ELBA-2024-5691
http://linux.oracle.com/errata/ELBA-2024-5691.html
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:
x86_64:
ca-certificates-2024.2.69_v8.0.303-91.4.el9_4.noarch.rpm
aarch64:
ca-certificates-2024.2.69_v8.0.303-91.4.el9_4.noarch.rpm
SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//ca-certificates-2024.2.69_v8.0.303-91.4.el9_4.src.rpm
Description of changes:
[2024.2.69_v8.0.303-91.4]
- update-ca-trust: return warnings on a unsupported argument instead of error
[2024.2.69_v8.0.303-91.3]
- Temporarily generate the directory-hash files in %install ...(next item)
- Add list of ghost files from directory-hash to %files
[2024.2.69_v8.0.303-91.2]
- Remove write permissions from directory-hash
[2024.2.69_v8.0.303-91.1]
- Reduce dependency on p11-kit to only the trust subpackage
- Own the Directory-hash directory
[2024.2.69_v8.0.303-91.0]
- Fix release number
[2024.2.69_v8.0.303-91]
- Update to CKBI 2.69_v8.0.303 from NSS 3.101.1
- GLOBALTRUST 2020 root CA certificate set CKA_NSS_{SERVER|EMAIL}_DISTRUST_AFTER
[2024.2.68_v8.0.302-91]
- Update to CKBI 2.68_v8.0.302 from NSS 3.101
- Removing:
- # Certificate "Verisign Class 1 Public Primary Certification Authority - G3"
- # Certificate "Verisign Class 2 Public Primary Certification Authority - G3"
- # Certificate "Security Communication Root CA"
- # Certificate "Camerfirma Chambers of Commerce Root"
- # Certificate "Hongkong Post Root CA 1"
- # Certificate "Autoridad de Certificacion Firmaprofesional CIF A62634068"
- # Certificate "Symantec Class 1 Public Primary Certification Authority - G6"
- # Certificate "Symantec Class 2 Public Primary Certification Authority - G6"
- # Certificate "TrustCor RootCert CA-1"
- # Certificate "TrustCor RootCert CA-2"
- # Certificate "TrustCor ECA-1"
- # Certificate "FNMT-RCM"
- Adding:
- # Certificate "LAWtrust Root CA2 (4096)"
- # Certificate "Sectigo Public Email Protection Root E46"
- # Certificate "Sectigo Public Email Protection Root R46"
- # Certificate "Sectigo Public Server Authentication Root E46"
- # Certificate "Sectigo Public Server Authentication Root R46"
- # Certificate "SSL.com TLS RSA Root CA 2022"
- # Certificate "SSL.com TLS ECC Root CA 2022"
- # Certificate "SSL.com Client ECC Root CA 2022"
- # Certificate "SSL.com Client RSA Root CA 2022"
- # Certificate "Atos TrustedRoot Root CA ECC G2 2020"
- # Certificate "Atos TrustedRoot Root CA RSA G2 2020"
- # Certificate "Atos TrustedRoot Root CA ECC TLS 2021"
- # Certificate "Atos TrustedRoot Root CA RSA TLS 2021"
- # Certificate "TrustAsia Global Root CA G3"
- # Certificate "TrustAsia Global Root CA G4"
- # Certificate "CommScope Public Trust ECC Root-01"
- # Certificate "CommScope Public Trust ECC Root-02"
- # Certificate "CommScope Public Trust RSA Root-01"
- # Certificate "CommScope Public Trust RSA Root-02"
- # Certificate "D-Trust SBR Root CA 1 2022"
- # Certificate "D-Trust SBR Root CA 2 2022"
- # Certificate "Telekom Security SMIME ECC Root 2021"
- # Certificate "Telekom Security TLS ECC Root 2020"
- # Certificate "Telekom Security SMIME RSA Root 2023"
- # Certificate "Telekom Security TLS RSA Root 2023"
- # Certificate "FIRMAPROFESIONAL CA ROOT-A WEB"
- # Certificate "SECOM Trust.net"
- # Certificate "Chambers of Commerce Root"
- # Certificate "VeriSign Class 2 Public Primary Certification Authority - G3"
- # Certificate "SSL.com Code Signing RSA Root CA 2022"
- # Certificate "SSL.com Code Signing ECC Root CA 2022"
[2024.2.68_v8.0.302-91.0]
- update-ca-trust: Fix bug in update-ca-trust so we don't depened on util-unix
[2024.2.68_v8.0.302-91.0]
- Skip %post if getopt is missing (recent change made update-ca-trust use it)
[2024.2.68_v8.0.302-91.0]
- update-ca-trust: Support --output and non-root operation (rhbz#2241240)
[2024.2.68_v8.0.302-91.0]
- update License: field to SPDX
More information about the El-errata
mailing list