FreshPorts -- The Place For Ports If you buy from Amazon USA, please support us by using this link.
Follow us
Blog
Twitter

I am looking for an LTO tape library. Do you have one to spare?
Commit found by message id
Thu, 29 Aug 2013
[ 08:10:09 mandree ] Original commit   Revision:325572
ca_root_nss security files touched by this commit  An older version of this port was marked as vulnerable. The root certificate bundle from the Mozilla Project
Update extraction script to:

- Only look at CKA_TRUST_SERVER_AUTH, _EMAIL_PROTECTION, and
  _CODE_SIGNING attributes.

- Omit certificates that do not have any explicit trust value in these
  three attributes; at least one of the purposes must mark the
  certificate a trusted delegator.

- Validate that the trust is one of three known trust values, to become
  aware of syntax changes in certdata.txt. If it is an unknown token,
  abort with an error stating that the script must be updated.

- Check that we have at least 25 certificates in the output or abort.

This removes these two certificates that have "unknown"
(CKT_NSS_MUST_VERIFY_TRUST) in all three tokens, making them unfit as
trust anchors:

1 C=DE, O=TC TrustCenter GmbH, OU=TC TrustCenter Universal CA,
    CN=TC TrustCenter Universal CA III

2 C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network,
    OU=http://www.usertrust.com,
    CN=UTN-USERFirst-Network Applications

164 trusted certificates remain.

Number of ports [& non-ports] in this commit: 1

Showing files for just one port: security/ca_root_nss

show all files

hide all files


2 files found
ActionRevisionLinksFile
modify 325572 View diff View revision /ports/head/security/ca_root_nss/Makefile
modify 325572 View diff View revision /ports/head/security/ca_root_nss/files/MAca-bundle.pl.in
Login
User Login
Create account

Servers and bandwidth provided by
New York Internet, SuperNews, and RootBSD

This site
What is FreshPorts?
About the authors
FAQ
How big is it?
The latest upgrade!
Privacy
Forums
Blog
Contact

Search
Enter Keywords:
 
more...

Latest Vulnerabilities
dbusSep 17
nginxSep 16
nginx-develSep 16
phpmyadminSep 13
ossec-hids-clientSep 11
ossec-hids-localSep 11
ossec-hids-serverSep 11
chromiumSep 09
trafficserverSep 05
apache22*Sep 03
apache22-event-mpm*Sep 03
apache22-itk-mpm*Sep 03
apache22-peruser-mpm*Sep 03
apache22-worker-mpm*Sep 03
chromiumAug 26

7 vulnerabilities affecting 15 ports have been reported in the past 14 days

* - modified, not new

All vulnerabilities


Ports
Home
Categories
Deleted ports
Sanity Test Failures
Newsfeeds


Statistics
Graphs
NEW Graphs (Javascript)
Traffic

Calculated hourly:
Port count 24092
Broken 121
Deprecated 89
Ignore 385
Forbidden 17
Restricted 203
No CDROM 94
Vulnerable 22
Expired 1
Set to expire 84
Interactive 0
new 24 hours 5
new 48 hours5
new 7 days35
new fortnight137
new month248


Servers and bandwidth provided by
New York Internet, SuperNews, and RootBSD
Valid HTML, CSS, and RSS.
Copyright © 2000-2014 Dan Langille. All rights reserved.