This was fixed in ca-certificates version 20211016 which is what Jammy
released with. As of today, all Ubuntu releases from Bionic onward ship
20230311 so marking as fix released.
** Changed in: ca-certificates (Ubuntu)
Status: Triaged => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to ca-certificates in Ubuntu.
https://bugs.launchpad.net/bugs/1914839
Title:
package upgrade should replace /etc/ssl/certs/ca-certificates.crt
atomically
Status in ca-certificates package in Ubuntu:
Fix Released
Status in ca-certificates package in Debian:
Fix Released
Bug description:
While upgrading the ca-certificates package, a process got the error:
SSL_ca_file /etc/ssl/certs/ca-certificates.crt does not exist
This file should be replaced atomically, with no time gap where the
file does not exist.
(I am flagging this as a security vulnerability because, while I did
not experience any security issue, I can imagine at least the
possibility of this being exploitable in some way in some
circumstances.)
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/1914839/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
