SUSE-SU-2025:20022-1
Vulnerability from csaf_suse - Published: 2025-02-03 08:49 - Updated: 2025-02-03 08:49Summary
Security update for ca-certificates-mozilla
Notes
Title of the patch
Security update for ca-certificates-mozilla
Description of the patch
This update for ca-certificates-mozilla fixes the following issues:
- Updated to 2.68 state of Mozilla SSL root CAs (bsc#1227525)
- Added: FIRMAPROFESIONAL CA ROOT-A WEB
- Distrust: GLOBALTRUST 2020
- Updated to 2.66 state of Mozilla SSL root CAs (bsc#1220356)
Added:
- CommScope Public Trust ECC Root-01
- CommScope Public Trust ECC Root-02
- CommScope Public Trust RSA Root-01
- CommScope Public Trust RSA Root-02
- D-Trust SBR Root CA 1 2022
- D-Trust SBR Root CA 2 2022
- Telekom Security SMIME ECC Root 2021
- Telekom Security SMIME RSA Root 2023
- Telekom Security TLS ECC Root 2020
- Telekom Security TLS RSA Root 2023
- TrustAsia Global Root CA G3
- TrustAsia Global Root CA G4
Removed:
- Autoridad de Certificacion Firmaprofesional CIF A62634068
- Chambers of Commerce Root - 2008
- Global Chambersign Root - 2008
- Security Communication Root CA
- Symantec Class 1 Public Primary Certification Authority - G6
- Symantec Class 2 Public Primary Certification Authority - G6
- TrustCor ECA-1
- TrustCor RootCert CA-1
- TrustCor RootCert CA-2
- VeriSign Class 1 Public Primary Certification Authority - G3
- VeriSign Class 2 Public Primary Certification Authority - G3
Patchnames
SUSE-SLE-Micro-6.0-24
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for ca-certificates-mozilla",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for ca-certificates-mozilla fixes the following issues:\n\n- Updated to 2.68 state of Mozilla SSL root CAs (bsc#1227525)\n - Added: FIRMAPROFESIONAL CA ROOT-A WEB\n - Distrust: GLOBALTRUST 2020\n\n- Updated to 2.66 state of Mozilla SSL root CAs (bsc#1220356)\n Added:\n - CommScope Public Trust ECC Root-01\n - CommScope Public Trust ECC Root-02\n - CommScope Public Trust RSA Root-01\n - CommScope Public Trust RSA Root-02\n - D-Trust SBR Root CA 1 2022\n - D-Trust SBR Root CA 2 2022\n - Telekom Security SMIME ECC Root 2021\n - Telekom Security SMIME RSA Root 2023\n - Telekom Security TLS ECC Root 2020\n - Telekom Security TLS RSA Root 2023\n - TrustAsia Global Root CA G3\n - TrustAsia Global Root CA G4\n Removed:\n - Autoridad de Certificacion Firmaprofesional CIF A62634068\n - Chambers of Commerce Root - 2008\n - Global Chambersign Root - 2008\n - Security Communication Root CA\n - Symantec Class 1 Public Primary Certification Authority - G6\n - Symantec Class 2 Public Primary Certification Authority - G6\n - TrustCor ECA-1\n - TrustCor RootCert CA-1\n - TrustCor RootCert CA-2\n - VeriSign Class 1 Public Primary Certification Authority - G3\n - VeriSign Class 2 Public Primary Certification Authority - G3\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.0-24",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_20022-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:20022-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520022-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:20022-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021350.html"
},
{
"category": "self",
"summary": "SUSE Bug 1199079",
"url": "https://bugzilla.suse.com/1199079"
},
{
"category": "self",
"summary": "SUSE Bug 1220356",
"url": "https://bugzilla.suse.com/1220356"
},
{
"category": "self",
"summary": "SUSE Bug 1227525",
"url": "https://bugzilla.suse.com/1227525"
}
],
"title": "Security update for ca-certificates-mozilla",
"tracking": {
"current_release_date": "2025-02-03T08:49:32Z",
"generator": {
"date": "2025-02-03T08:49:32Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:20022-1",
"initial_release_date": "2025-02-03T08:49:32Z",
"revision_history": [
{
"date": "2025-02-03T08:49:32Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "ca-certificates-mozilla-2.68-1.1.noarch",
"product": {
"name": "ca-certificates-mozilla-2.68-1.1.noarch",
"product_id": "ca-certificates-mozilla-2.68-1.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.0",
"product": {
"name": "SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.0"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ca-certificates-mozilla-2.68-1.1.noarch as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:ca-certificates-mozilla-2.68-1.1.noarch"
},
"product_reference": "ca-certificates-mozilla-2.68-1.1.noarch",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
}
]
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…