[Midnightbsd-cvs] [MidnightBSD/src] 53edfa: an oversight in the root
Lucas Holt
noreply at github.com
Thu Nov 4 12:16:38 EDT 2021
Branch: refs/heads/stable/2.1
Home: https://github.com/MidnightBSD/src
Commit: 53edfa1cfa12eb768a5ae3406cc85ca57533a83a
https://github.com/MidnightBSD/src/commit/53edfa1cfa12eb768a5ae3406cc85ca57533a83a
Author: Lucas Holt <luke at foolishgames.com>
Date: 2021-11-04 (Thu, 04 Nov 2021)
Changed paths:
M secure/caroot/MAca-bundle.pl
A secure/caroot/blacklisted/Camerfirma_Chambers_of_Commerce_Root.pem
A secure/caroot/blacklisted/Camerfirma_Global_Chambersign_Root.pem
A secure/caroot/blacklisted/Certum_Root_CA.pem
A secure/caroot/blacklisted/Chambers_of_Commerce_Root_-_2008.pem
A secure/caroot/blacklisted/D-TRUST_Root_CA_3_2013.pem
A secure/caroot/blacklisted/EC-ACC.pem
A secure/caroot/blacklisted/GeoTrust_Primary_Certification_Authority_-_G2.pem
A secure/caroot/blacklisted/Global_Chambersign_Root_-_2008.pem
A secure/caroot/blacklisted/OISTE_WISeKey_Global_Root_GA_CA.pem
A secure/caroot/blacklisted/QuoVadis_Root_CA.pem
A secure/caroot/blacklisted/Sonera_Class_2_Root_CA.pem
A secure/caroot/blacklisted/Staat_der_Nederlanden_Root_CA_-_G3.pem
A secure/caroot/blacklisted/SwissSign_Platinum_CA_-_G2.pem
A secure/caroot/blacklisted/Symantec_Class_1_Public_Primary_Certification_Authority_-_G6.pem
A secure/caroot/blacklisted/Symantec_Class_2_Public_Primary_Certification_Authority_-_G6.pem
A secure/caroot/blacklisted/Trustis_FPS_Root_CA.pem
A secure/caroot/blacklisted/VeriSign_Universal_Root_Certification_Authority.pem
A secure/caroot/blacklisted/Verisign_Class_1_Public_Primary_Certification_Authority_-_G3.pem
A secure/caroot/blacklisted/Verisign_Class_2_Public_Primary_Certification_Authority_-_G3.pem
M secure/caroot/trusted/ACCVRAIZ1.pem
M secure/caroot/trusted/AC_RAIZ_FNMT-RCM.pem
A secure/caroot/trusted/AC_RAIZ_FNMT-RCM_SERVIDORES_SEGUROS.pem
A secure/caroot/trusted/ANF_Secure_Server_Root_CA.pem
M secure/caroot/trusted/Actalis_Authentication_Root_CA.pem
M secure/caroot/trusted/AffirmTrust_Commercial.pem
M secure/caroot/trusted/AffirmTrust_Networking.pem
M secure/caroot/trusted/AffirmTrust_Premium.pem
M secure/caroot/trusted/AffirmTrust_Premium_ECC.pem
M secure/caroot/trusted/Amazon_Root_CA_1.pem
M secure/caroot/trusted/Amazon_Root_CA_2.pem
M secure/caroot/trusted/Amazon_Root_CA_3.pem
M secure/caroot/trusted/Amazon_Root_CA_4.pem
M secure/caroot/trusted/Atos_TrustedRoot_2011.pem
M secure/caroot/trusted/Autoridad_de_Certificacion_Firmaprofesional_CIF_A62634068.pem
M secure/caroot/trusted/Baltimore_CyberTrust_Root.pem
M secure/caroot/trusted/Buypass_Class_2_Root_CA.pem
M secure/caroot/trusted/Buypass_Class_3_Root_CA.pem
M secure/caroot/trusted/CA_Disig_Root_R2.pem
M secure/caroot/trusted/CFCA_EV_ROOT.pem
M secure/caroot/trusted/COMODO_Certification_Authority.pem
M secure/caroot/trusted/COMODO_ECC_Certification_Authority.pem
M secure/caroot/trusted/COMODO_RSA_Certification_Authority.pem
M secure/caroot/trusted/Camerfirma_Chambers_of_Commerce_Root.pem
M secure/caroot/trusted/Camerfirma_Global_Chambersign_Root.pem
M secure/caroot/trusted/Certigna.pem
M secure/caroot/trusted/Certigna_Root_CA.pem
A secure/caroot/trusted/Certum_EC-384_CA.pem
M secure/caroot/trusted/Certum_Root_CA.pem
M secure/caroot/trusted/Certum_Trusted_Network_CA.pem
M secure/caroot/trusted/Certum_Trusted_Network_CA_2.pem
A secure/caroot/trusted/Certum_Trusted_Root_CA.pem
M secure/caroot/trusted/Chambers_of_Commerce_Root_-_2008.pem
M secure/caroot/trusted/Comodo_AAA_Services_root.pem
M secure/caroot/trusted/Cybertrust_Global_Root.pem
M secure/caroot/trusted/D-TRUST_Root_CA_3_2013.pem
M secure/caroot/trusted/D-TRUST_Root_Class_3_CA_2_2009.pem
M secure/caroot/trusted/D-TRUST_Root_Class_3_CA_2_EV_2009.pem
M secure/caroot/trusted/DST_Root_CA_X3.pem
M secure/caroot/trusted/DigiCert_Assured_ID_Root_CA.pem
M secure/caroot/trusted/DigiCert_Assured_ID_Root_G2.pem
M secure/caroot/trusted/DigiCert_Assured_ID_Root_G3.pem
M secure/caroot/trusted/DigiCert_Global_Root_CA.pem
M secure/caroot/trusted/DigiCert_Global_Root_G2.pem
M secure/caroot/trusted/DigiCert_Global_Root_G3.pem
M secure/caroot/trusted/DigiCert_High_Assurance_EV_Root_CA.pem
M secure/caroot/trusted/DigiCert_Trusted_Root_G4.pem
M secure/caroot/trusted/E-Tugra_Certification_Authority.pem
M secure/caroot/trusted/EC-ACC.pem
M secure/caroot/trusted/Entrust_Root_Certification_Authority.pem
M secure/caroot/trusted/Entrust_Root_Certification_Authority_-_EC1.pem
M secure/caroot/trusted/Entrust_Root_Certification_Authority_-_G2.pem
M secure/caroot/trusted/Entrust_Root_Certification_Authority_-_G4.pem
M secure/caroot/trusted/Entrust_net_Premium_2048_Secure_Server_CA.pem
M secure/caroot/trusted/GDCA_TrustAUTH_R5_ROOT.pem
A secure/caroot/trusted/GLOBALTRUST_2020.pem
M secure/caroot/trusted/GTS_Root_R1.pem
M secure/caroot/trusted/GTS_Root_R2.pem
M secure/caroot/trusted/GTS_Root_R3.pem
M secure/caroot/trusted/GTS_Root_R4.pem
M secure/caroot/trusted/GeoTrust_Primary_Certification_Authority_-_G2.pem
M secure/caroot/trusted/GlobalSign_ECC_Root_CA_-_R4.pem
M secure/caroot/trusted/GlobalSign_ECC_Root_CA_-_R5.pem
M secure/caroot/trusted/GlobalSign_Root_CA.pem
M secure/caroot/trusted/GlobalSign_Root_CA_-_R2.pem
M secure/caroot/trusted/GlobalSign_Root_CA_-_R3.pem
M secure/caroot/trusted/GlobalSign_Root_CA_-_R6.pem
A secure/caroot/trusted/GlobalSign_Root_E46.pem
A secure/caroot/trusted/GlobalSign_Root_R46.pem
M secure/caroot/trusted/Global_Chambersign_Root_-_2008.pem
M secure/caroot/trusted/Go_Daddy_Class_2_CA.pem
M secure/caroot/trusted/Go_Daddy_Root_Certificate_Authority_-_G2.pem
M secure/caroot/trusted/Hellenic_Academic_and_Research_Institutions_ECC_RootCA_2015.pem
M secure/caroot/trusted/Hellenic_Academic_and_Research_Institutions_RootCA_2011.pem
M secure/caroot/trusted/Hellenic_Academic_and_Research_Institutions_RootCA_2015.pem
M secure/caroot/trusted/Hongkong_Post_Root_CA_1.pem
M secure/caroot/trusted/Hongkong_Post_Root_CA_3.pem
M secure/caroot/trusted/ISRG_Root_X1.pem
M secure/caroot/trusted/IdenTrust_Commercial_Root_CA_1.pem
M secure/caroot/trusted/IdenTrust_Public_Sector_Root_CA_1.pem
M secure/caroot/trusted/Izenpe_com.pem
M secure/caroot/trusted/Microsec_e-Szigno_Root_CA_2009.pem
M secure/caroot/trusted/Microsoft_ECC_Root_Certificate_Authority_2017.pem
M secure/caroot/trusted/Microsoft_RSA_Root_Certificate_Authority_2017.pem
M secure/caroot/trusted/NAVER_Global_Root_Certification_Authority.pem
M secure/caroot/trusted/NetLock_Arany__Class_Gold__F__tan__s__tv__ny.pem
M secure/caroot/trusted/Network_Solutions_Certificate_Authority.pem
M secure/caroot/trusted/OISTE_WISeKey_Global_Root_GA_CA.pem
M secure/caroot/trusted/OISTE_WISeKey_Global_Root_GB_CA.pem
M secure/caroot/trusted/OISTE_WISeKey_Global_Root_GC_CA.pem
M secure/caroot/trusted/QuoVadis_Root_CA.pem
M secure/caroot/trusted/QuoVadis_Root_CA_1_G3.pem
M secure/caroot/trusted/QuoVadis_Root_CA_2.pem
M secure/caroot/trusted/QuoVadis_Root_CA_2_G3.pem
M secure/caroot/trusted/QuoVadis_Root_CA_3.pem
M secure/caroot/trusted/QuoVadis_Root_CA_3_G3.pem
M secure/caroot/trusted/SSL_com_EV_Root_Certification_Authority_ECC.pem
M secure/caroot/trusted/SSL_com_EV_Root_Certification_Authority_RSA_R2.pem
M secure/caroot/trusted/SSL_com_Root_Certification_Authority_ECC.pem
M secure/caroot/trusted/SSL_com_Root_Certification_Authority_RSA.pem
M secure/caroot/trusted/SZAFIR_ROOT_CA2.pem
M secure/caroot/trusted/SecureSign_RootCA11.pem
M secure/caroot/trusted/SecureTrust_CA.pem
M secure/caroot/trusted/Secure_Global_CA.pem
M secure/caroot/trusted/Security_Communication_RootCA2.pem
M secure/caroot/trusted/Security_Communication_Root_CA.pem
M secure/caroot/trusted/Sonera_Class_2_Root_CA.pem
M secure/caroot/trusted/Staat_der_Nederlanden_EV_Root_CA.pem
M secure/caroot/trusted/Staat_der_Nederlanden_Root_CA_-_G3.pem
M secure/caroot/trusted/Starfield_Class_2_CA.pem
M secure/caroot/trusted/Starfield_Root_Certificate_Authority_-_G2.pem
M secure/caroot/trusted/Starfield_Services_Root_Certificate_Authority_-_G2.pem
M secure/caroot/trusted/SwissSign_Gold_CA_-_G2.pem
M secure/caroot/trusted/SwissSign_Platinum_CA_-_G2.pem
M secure/caroot/trusted/SwissSign_Silver_CA_-_G2.pem
M secure/caroot/trusted/Symantec_Class_1_Public_Primary_Certification_Authority_-_G6.pem
M secure/caroot/trusted/Symantec_Class_2_Public_Primary_Certification_Authority_-_G6.pem
M secure/caroot/trusted/T-TeleSec_GlobalRoot_Class_2.pem
M secure/caroot/trusted/T-TeleSec_GlobalRoot_Class_3.pem
M secure/caroot/trusted/TUBITAK_Kamu_SM_SSL_Kok_Sertifikasi_-_Surum_1.pem
M secure/caroot/trusted/TWCA_Global_Root_CA.pem
M secure/caroot/trusted/TWCA_Root_Certification_Authority.pem
M secure/caroot/trusted/TeliaSonera_Root_CA_v1.pem
M secure/caroot/trusted/TrustCor_ECA-1.pem
M secure/caroot/trusted/TrustCor_RootCert_CA-1.pem
M secure/caroot/trusted/TrustCor_RootCert_CA-2.pem
M secure/caroot/trusted/Trustis_FPS_Root_CA.pem
M secure/caroot/trusted/Trustwave_Global_Certification_Authority.pem
M secure/caroot/trusted/Trustwave_Global_ECC_P256_Certification_Authority.pem
M secure/caroot/trusted/Trustwave_Global_ECC_P384_Certification_Authority.pem
M secure/caroot/trusted/UCA_Extended_Validation_Root.pem
M secure/caroot/trusted/UCA_Global_G2_Root.pem
M secure/caroot/trusted/USERTrust_ECC_Certification_Authority.pem
M secure/caroot/trusted/USERTrust_RSA_Certification_Authority.pem
M secure/caroot/trusted/VeriSign_Universal_Root_Certification_Authority.pem
M secure/caroot/trusted/Verisign_Class_1_Public_Primary_Certification_Authority_-_G3.pem
M secure/caroot/trusted/Verisign_Class_2_Public_Primary_Certification_Authority_-_G3.pem
M secure/caroot/trusted/XRamp_Global_CA_Root.pem
M secure/caroot/trusted/certSIGN_ROOT_CA.pem
M secure/caroot/trusted/certSIGN_Root_CA_G2.pem
M secure/caroot/trusted/e-Szigno_Root_CA_2017.pem
M secure/caroot/trusted/ePKI_Root_Certification_Authority.pem
M secure/caroot/trusted/emSign_ECC_Root_CA_-_C3.pem
M secure/caroot/trusted/emSign_ECC_Root_CA_-_G3.pem
M secure/caroot/trusted/emSign_Root_CA_-_C1.pem
M secure/caroot/trusted/emSign_Root_CA_-_G1.pem
Log Message:
-----------
an oversight in the root
bundle processor included some roots that were not intended to be trusted for
these purposes (SERVER_AUTH).
Obtained from: FreeBSD
More information about the Midnightbsd-cvs
mailing list