Executive Summary
| Informations | |||
|---|---|---|---|
| Name | MDVSA-2011:133-1 | First vendor Publication | 2011-09-15 |
| Vendor | Mandriva | Last vendor Modification | 2011-09-15 |
| Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : | |||
|---|---|---|---|
| Cvss Base Score | Not Defined | Attack Range | Not Defined |
| Cvss Impact Score | Not Defined | Attack Complexity | Not Defined |
| Cvss Expoit Score | Not Defined | Authentication | Not Defined |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Security issues were identified and fixed in mozilla firefox and thunderbird: As more information has come to light about the attack on the DigiNotar Certificate Authority we have improved the protections added in MFSA 2011-34. The main change is to add explicit distrust to the DigiNotar root certificate and several intermediates. Removing the root as in our previous fix meant the certificates could be considered valid if cross-signed by another Certificate Authority. Importantly this list of distrusted certificates includes the PKIOverheid (PKIGovernment) intermediates under DigiNotar's control that did not chain to DigiNotar's root and were not previously blocked. Additionally, some packages which require so, have been rebuilt and are being provided as updates. Update: Packages for Mandriva Linux 2011 is now being provided as well. Enjoy! |
Original Source
| Url : http://www.mandriva.com/security/advisories?name=MDVSA-2011:133-1 |
Alert History
| Date | Informations |
|---|---|
| 2014-02-17 11:42:25 |
|
