On Sun, Sep 04, 2011 at 01:37:19AM -0500, Raphael Geissert wrote: > On Saturday 03 September 2011 01:45:22 Mike Hommey wrote: > > Looking at the patches, this really is: > [...] > > Ok, with the patches we got NSS covered, but we still need to do something > for > other users. > > A first look at stuff we ship, this seems to be their current status: > * NSS: > ice* packages should be okay after the latest NSS update. > > * OpenSSL > Nothing special here > > * GnuTLS > Nothing special here > > * chromium: > Even after the NSS update, it seems to be happy to use the Explicitly > Distrusted certs.
Note that this suggests others NSS using applications may be affected too, if they don't do the appropriate thing for untrusted certs. I know at least pidgin and evolution use NSS. Mike -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
