1. Betriebssysteme >
  2. Linux Tipps >
  3. Sectigo root CA expiring, may not be handled well by slightly older linux versions

ArabicEnglishFrenchGermanGreekItalianJapaneseKoreanPersianPolishPortugueseRussianSpanishTurkishVietnamese

Sectigo root CA expiring, may not be handled well by slightly older linux versions


Linux Tipps vom | Direktlink: reddit.com Nachrichten Bewertung

https://support.sectigo.com/articles/Knowledge/Sectigo-AddTrust-External-CA-Root-Expiring-May-30-2020

It looks like some older distributions of linux (we've seen issues with Deb 9 and earlier and Ubuntu 16.04 and earlier) will not properly expire/ignore this root cert unless it is actually removed. Ubuntu 18 and up, as well as Deb 10 are unaffected. To verify this, create a host based on one of these distributions and roll the time forward Jun 1st or so. Running curl against certain domains will fail with a certificate expired error. For example: curl https://crt.sh.

This happens even if ca-certificates has been updated. This obviously does not affect all domains, but we have a number of critical internal and external endpoints that use comodo/sectigo certs that had the issue.

submitted by /u/hayzeus
[link] [comments]...

Externe Webseite mit kompletten Inhalt öffnen



https://www.reddit.com/r/linux/comments/gshh70/sectigo_root_ca_expiring_may_not_be_handled_well/

Team Security Social Media

➤ Weitere Beiträge von Team Security | IT Sicherheit

  • USN-4041-1: Linux kernel update

    vom 353.44 Punkte ic_school_black_18dp
    linux, linux-aws, linux-aws-hwe, linux-azure, linux-gcp, linux-gke-4.15, linux-hwe, linux-kvm, linux-oem, linux-oracle, linux-raspi2, linux-snapdragon update A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 19.04 Ubuntu 18.10 Ubun
  • USN-4017-1: Linux kernel vulnerabilities

    vom 326.47 Punkte ic_school_black_18dp
    linux, linux-aws, linux-aws-hwe, linux-azure, linux-gcp, linux-hwe, linux-kvm, linux-oem, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 19.04 Ubuntu 18.10 Ubun
  • USN-4135-1: Linux kernel vulnerabilities

    vom 309.69 Punkte ic_school_black_18dp
    linux, linux-aws, linux-aws-hwe, linux-azure, linux-gcp, linux-gke-4.15, linux-gke-5.0, linux-hwe, linux-kvm, linux-oem, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities A security issue affects these releases of Ubuntu and its derivatives
  • Sectigo root CA expiring, may not be handled well by slightly older linux versions

    vom 243.63 Punkte ic_school_black_18dp
    https://support.sectigo.com/articles/Knowledge/Sectigo-AddTrust-External-CA-Root-Expiring-May-30-2020 It looks like some older distributions of linux (we've seen issues with Deb 9 and earlier and Ubuntu 16.04 and earlier) will not properly expire/ignore t
  • DevAudit - Open-source, Cross-Platform, Multi-Purpose Security Auditing Tool

    vom 240.33 Punkte ic_school_black_18dp
    DevAudit is an open-source, cross-platform, multi-purpose security auditing tool targeted at developers and teams adopting DevOps and DevSecOps that detects security vulnerabilities at multiple levels of the solution stack. DevAudit provides a wide array
  • USN-3256-1: Linux kernel vulnerability

    vom 221.97 Punkte ic_school_black_18dp
    Ubuntu Security Notice USN-3256-1 4th April, 2017 linux, linux-aws, linux-gke, linux-raspi2, linux-snapdragon, linux-ti-omap4 vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.10 Ubuntu 16.04 LTS Ubuntu 14.04 LT
  • USN-4404-2: Linux kernel vulnerabilities

    vom 214.66 Punkte ic_school_black_18dp
    linux kernel vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 20.04 LTS Ubuntu 19.10 Ubuntu 18.04 LTS Summary Several security issues were fixed in the NVIDIA graphics driver kernel modules. Software D
  • USN-3328-1: Linux kernel vulnerabilities

    vom 209.04 Punkte ic_school_black_18dp
    Ubuntu Security Notice USN-3328-1 19th June, 2017 linux, linux-meta vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.04 LTS Summary Several security issues were fixed in the Linux kernel. Software descripti
  • USN-4287-1: Linux kernel vulnerabilities

    vom 200.52 Punkte ic_school_black_18dp
    linux, linux-aws, linux-aws-hwe, linux-azure, linux-gcp, linux-gke-4.15, linux-hwe, linux-kvm, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 18.04 LTS Ubuntu 16.04
  • MMD-0055-2016 - Linux/PnScan ; the ELF worm that circled around

    vom 196.31 Punkte ic_school_black_18dp
    Background Just checked around internet and found an interesting ELF worm distribution that may help raising awareness for fellow sysadmins. As per shown in title, it's a known ELF malware threat, could be a latest variant of "Linux/PnScan", found in
  • MMD-0055-2016 - Linux/PnScan ; the ELF worm that circled around

    vom 196.31 Punkte ic_school_black_18dp
    Background Just checked around internet and found an interesting ELF worm distribution that may help raising awareness for fellow sysadmins. As per shown in title, it's a known ELF malware threat, could be a latest variant of "Linux/PnScan", found in
  • USN-4115-2: Linux kernel regression

    vom 195.71 Punkte ic_school_black_18dp
    linux, linux-aws, linux-aws-hwe, linux-azure, linux-gcp, linux-gke-4.15, linux-hwe, linux-kvm, linux-oracle, linux-raspi2 regression A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 18.04 LTS Ubuntu 16.04 LTS Summary USN 4115-1 i

Team Security Diskussion über Sectigo root CA expiring, may not be handled well by slightly older linux versions