FreshPorts -- The Place For Ports If you buy from Amazon USA, please support us by using this link.
Follow us
Blog
Twitter

I am looking for an LTO tape library. Do you have one to spare?
Commit found by message id
Thu, 29 Aug 2013
[ 08:10:09 mandree ] Original commit   Revision:325572
ca_root_nss security files touched by this commit  An older version of this port was marked as vulnerable. The root certificate bundle from the Mozilla Project
Update extraction script to:

- Only look at CKA_TRUST_SERVER_AUTH, _EMAIL_PROTECTION, and
  _CODE_SIGNING attributes.

- Omit certificates that do not have any explicit trust value in these
  three attributes; at least one of the purposes must mark the
  certificate a trusted delegator.

- Validate that the trust is one of three known trust values, to become
  aware of syntax changes in certdata.txt. If it is an unknown token,
  abort with an error stating that the script must be updated.

- Check that we have at least 25 certificates in the output or abort.

This removes these two certificates that have "unknown"
(CKT_NSS_MUST_VERIFY_TRUST) in all three tokens, making them unfit as
trust anchors:

1 C=DE, O=TC TrustCenter GmbH, OU=TC TrustCenter Universal CA,
    CN=TC TrustCenter Universal CA III

2 C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network,
    OU=http://www.usertrust.com,
    CN=UTN-USERFirst-Network Applications

164 trusted certificates remain.

Number of ports [& non-ports] in this commit: 1

Showing files for just one port: security/ca_root_nss

show all files

hide all files


2 files found
ActionRevisionLinksFile
modify 325572 View diff View revision /ports/head/security/ca_root_nss/Makefile
modify 325572 View diff View revision /ports/head/security/ca_root_nss/files/MAca-bundle.pl.in
Login
User Login
Create account

Servers and bandwidth provided by
New York Internet, SuperNews, and RootBSD

This site
What is FreshPorts?
About the authors
FAQ
How big is it?
The latest upgrade!
Privacy
Forums
Blog
Contact

Search
Enter Keywords:
 
more...

Latest Vulnerabilities
chromiumAug 26
fileAug 21
py-djangoAug 21
py-django-develAug 21
py-django14Aug 21
py-django15Aug 21
php53Aug 18
phpmyadminAug 17
chromiumAug 13
serfAug 11
subversionAug 11
subversion17Aug 11
nginxAug 09
nginx-develAug 09
mingw32-opensslAug 06

6 vulnerabilities affecting 9 ports have been reported in the past 14 days

* - modified, not new

All vulnerabilities


Ports
Home
Categories
Deleted ports
Sanity Test Failures
Newsfeeds


Statistics
Graphs
NEW Graphs (Javascript)
Traffic

Calculated hourly:
Port count 24510
Broken 217
Deprecated 730
Ignore 561
Forbidden 36
Restricted 261
No CDROM 101
Vulnerable 23
Expired 0
Set to expire 720
Interactive 0
new 24 hours 6
new 48 hours8
new 7 days55
new fortnight95
new month255


Servers and bandwidth provided by
New York Internet, SuperNews, and RootBSD
Valid HTML, CSS, and RSS.
Copyright © 2000-2014 Dan Langille. All rights reserved.