Back to bug 1367434
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Carl George | 2016-08-16 11:55:32 UTC | CC | carl.george | |
| Sotiris Tsimbonis | 2016-08-16 13:50:05 UTC | CC | stsimb | |
| Kai Engert (:kaie) (inactive account) | 2016-08-16 14:14:57 UTC | Depends On | 1367484 | |
| Robert Scheck | 2016-09-03 00:55:46 UTC | CC | redhat-bugzilla | |
| Stanislav Zidek | 2016-10-10 11:53:18 UTC | CC | szidek | |
| Doc Type | If docs needed, set a value | Release Note | ||
| Kai Engert (:kaie) (inactive account) | 2016-10-14 10:53:39 UTC | Blocks | 1335929 | |
| Kai Engert (:kaie) (inactive account) | 2016-10-14 10:53:55 UTC | CC | nmavrogi | |
| Nikos Mavrogiannopoulos | 2016-10-14 11:10:11 UTC | Alias | rhel7-remove-legacy-cas | |
| Nikos Mavrogiannopoulos | 2016-10-19 10:00:34 UTC | Depends On | 1386616 | |
| Miroslav Grepl | 2016-10-19 20:47:49 UTC | Blocks | 1377248 | |
| Miroslav Grepl | 2016-11-28 14:43:40 UTC | CC | mgrepl | |
| Josh Bressers | 2016-12-14 17:06:12 UTC | CC | bressers | |
| Hanns-Joachim Uhl | 2017-01-24 15:57:36 UTC | CC | hannsj_uhl | |
| Kai Engert (:kaie) (inactive account) | 2017-03-01 11:41:50 UTC | Depends On | 1386848 | |
| Kai Engert (:kaie) (inactive account) | 2017-03-13 14:58:58 UTC | Status | NEW | MODIFIED |
| Fixed In Version | ca-certificates-2017.2.11-73.el7 | |||
| errata-xmlrpc | 2017-03-13 14:59:54 UTC | Status | MODIFIED | ON_QA |
| Alex Gaynor | 2017-03-14 14:24:02 UTC | CC | alex.gaynor | |
| Tomas Pelka | 2017-03-22 15:40:14 UTC | CC | tpelka | |
| Jiri Koten | 2017-03-23 09:34:24 UTC | CC | jkoten | |
| Matěj Cepl | 2017-04-10 22:11:57 UTC | CC | mcepl | |
| Lenka Špačková | 2017-04-11 14:48:59 UTC | Docs Contact | mjahoda | |
| Kai Engert (:kaie) (inactive account) | 2017-04-26 18:03:06 UTC | Doc Text | Previously, to allow older versions of the GnuTLS, OpenSSL and glib-networking libraries to remain compatible with the public web PKI, the ca-certificates package had included a set of legacy CA certificates with 1024-bit RSA keys as trusted by default, although Mozilla had already deprecated them. Because RHEL 7.4.0 contains updated versions of the OpenSSL, GnuTLS and glib-networking libraries, which are able to correctly identify the replacement root CA certificates, trusting these legacy CA certificates is no longer required to be compatible with the public web PKI. This update ca-certificates package removes the legacy CA certificates. The legacy configuration mechanism, which could previously be used to disable the legacy CA certificates, has no longer an effect with this updated ca-certificates package, because the list of legacy CA certificates has been changed to be empty. The ca-certificates packages continues to ship the ca-legacy tool and will keep the current configuration settings, to potentially be reused in the future. |
|
| Mirek Jahoda | 2017-05-11 16:41:11 UTC | Doc Type | Release Note | Deprecated Functionality |
| errata-xmlrpc | 2017-06-22 12:23:45 UTC | Status | ON_QA | VERIFIED |
| Hubert Kario | 2017-06-22 12:25:42 UTC | CC | hkario | |
| QA Contact | qe-baseos-security | hkario | ||
| errata-xmlrpc | 2017-08-01 21:05:27 UTC | Status | VERIFIED | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2017-08-01 17:05:27 UTC |
Back to bug 1367434