SUSE-RU-2022:3112-1: moderate: Recommended update for ca-certificates-mozilla

sle-updates at lists.suse.com sle-updates at lists.suse.com
Tue Sep 6 16:23:42 UTC 2022 

   SUSE Recommended Update: Recommended update for ca-certificates-mozilla
______________________________________________________________________________

Announcement ID:    SUSE-RU-2022:3112-1
Rating:             moderate
References:         #1181994 #1188006 #1199079 #1202868 
Affected Products:
                    SUSE Linux Enterprise Server 12-SP2-BCL
                    SUSE Linux Enterprise Server 12-SP3-BCL
                    SUSE Linux Enterprise Server 12-SP4-LTSS
                    SUSE Linux Enterprise Server 12-SP5
                    SUSE Linux Enterprise Server for SAP 12-SP4
                    SUSE OpenStack Cloud 9
                    SUSE OpenStack Cloud Crowbar 9
______________________________________________________________________________

   An update that has four recommended fixes can now be
   installed.

Description:

   This update for ca-certificates-mozilla fixes the following issues:

   Updated to 2.56 state of Mozilla SSL root CAs (bsc#1202868)

   - Added:

     - Certainly Root E1
     - Certainly Root R1
     - DigiCert SMIME ECC P384 Root G5
     - DigiCert SMIME RSA4096 Root G5
     - DigiCert TLS ECC P384 Root G5
     - DigiCert TLS RSA4096 Root G5
     - E-Tugra Global Root CA ECC v3
     - E-Tugra Global Root CA RSA v3

   - Removed:

     - Hellenic Academic and Research Institutions RootCA 2011

   Updated to 2.54 state of Mozilla SSL root CAs (bsc#1199079)

   - Added:

     - Autoridad de Certificacion Firmaprofesional CIF A62634068
     - D-TRUST BR Root CA 1 2020
     - D-TRUST EV Root CA 1 2020
     - GlobalSign ECC Root CA R4
     - GTS Root R1
     - GTS Root R2
     - GTS Root R3
     - GTS Root R4
     - HiPKI Root CA - G1
     - ISRG Root X2
     - Telia Root CA v2
     - vTrus ECC Root CA
     - vTrus Root CA

   - Removed:

     - Cybertrust Global Root
     - DST Root CA X3
     - DigiNotar PKIoverheid CA Organisatie - G2
     - GlobalSign ECC Root CA R4
     - GlobalSign Root CA R2
     - GTS Root R1
     - GTS Root R2
     - GTS Root R3
     - GTS Root R4


   Updated to 2.50 state of the Mozilla NSS Certificate store (bsc#1188006)

   - Added CAs:

     - HARICA Client ECC Root CA 2021
     - HARICA Client RSA Root CA 2021
     - HARICA TLS ECC Root CA 2021
     - HARICA TLS RSA Root CA 2021
     - TunTrust Root CA


   Updated to 2.46 state of the Mozilla NSS Certificate store (bsc#1181994)

   - Added new root CAs:

     - NAVER Global Root Certification Authority

   - Removed old root CAs:

     - GeoTrust Global CA
     - GeoTrust Primary Certification Authority
     - GeoTrust Primary Certification Authority - G3
     - GeoTrust Universal CA
     - GeoTrust Universal CA 2
     - thawte Primary Root CA
     - thawte Primary Root CA - G2
     - thawte Primary Root CA - G3
     - VeriSign Class 3 Public Primary Certification Authority - G4
     - VeriSign Class 3 Public Primary Certification Authority - G5


Patch Instructions:

   To install this SUSE Recommended Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE OpenStack Cloud Crowbar 9:

      zypper in -t patch SUSE-OpenStack-Cloud-Crowbar-9-2022-3112=1

   - SUSE OpenStack Cloud 9:

      zypper in -t patch SUSE-OpenStack-Cloud-9-2022-3112=1

   - SUSE Linux Enterprise Server for SAP 12-SP4:

      zypper in -t patch SUSE-SLE-SAP-12-SP4-2022-3112=1

   - SUSE Linux Enterprise Server 12-SP5:

      zypper in -t patch SUSE-SLE-SERVER-12-SP5-2022-3112=1

   - SUSE Linux Enterprise Server 12-SP4-LTSS:

      zypper in -t patch SUSE-SLE-SERVER-12-SP4-LTSS-2022-3112=1

   - SUSE Linux Enterprise Server 12-SP3-BCL:

      zypper in -t patch SUSE-SLE-SERVER-12-SP3-BCL-2022-3112=1

   - SUSE Linux Enterprise Server 12-SP2-BCL:

      zypper in -t patch SUSE-SLE-SERVER-12-SP2-BCL-2022-3112=1



Package List:

   - SUSE OpenStack Cloud Crowbar 9 (noarch):

      ca-certificates-mozilla-2.56-12.37.1

   - SUSE OpenStack Cloud 9 (noarch):

      ca-certificates-mozilla-2.56-12.37.1

   - SUSE Linux Enterprise Server for SAP 12-SP4 (noarch):

      ca-certificates-mozilla-2.56-12.37.1

   - SUSE Linux Enterprise Server 12-SP5 (noarch):

      ca-certificates-mozilla-2.56-12.37.1

   - SUSE Linux Enterprise Server 12-SP4-LTSS (noarch):

      ca-certificates-mozilla-2.56-12.37.1

   - SUSE Linux Enterprise Server 12-SP3-BCL (noarch):

      ca-certificates-mozilla-2.56-12.37.1

   - SUSE Linux Enterprise Server 12-SP2-BCL (noarch):

      ca-certificates-mozilla-2.56-12.37.1


References:

   https://bugzilla.suse.com/1181994
   https://bugzilla.suse.com/1188006
   https://bugzilla.suse.com/1199079
   https://bugzilla.suse.com/1202868

More information about the sle-updates mailing list