INFBA-2024:5736: ca-certificates security update
Information about definition
Identificator: INFBA-2024:5736
Type: bugfix
Release date: 2024-10-23 11:56:59 UTC
Information about package
The ca-certificates package contains a set of Certificate Authority (CA) certificates chosen by the Mozilla Foundation for use with the Internet Public Key Infrastructure (PKI).
Vulnerabilities description
- CVE-2023-37920
Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi prior to version 2023.07.22 recognizes "e-Tugra" root certificates. e-Tugra's root certificates were subject to an investigation prompted by reporting of security issues in their systems. Certifi 2023.07.22 removes root certificates from "e-Tugra" from the root store. Bug Fix and Enhancement: * Annual 2024 ca-certificates update version 2.69 from NSS 3.101.1 for Firefox 128 [rhel-8.10]. * ca-certificates: python-certifi: Removal of e-Tugra root certificate [rhel-8.10.0.z].
Severity level
| CVE | Score CVSS 2.0 | Score CVSS 3.x | Score CVSS 4.0 |
|---|---|---|---|
|
NIST — CVE-2023-37920
|
no information | 9.1 | no information |
Updated packages