Fedora 20: ca-certificates Security Update 2015-4486
Summary
This package contains the set of CA certificates chosen by the
Mozilla Foundation for use with the Internet PKI.
Update Information:
This is an update to the set of CA certificates released with NSS version 3.18
However, the package modifies the CA list to keep several legacy CAs still trusted for compatibility reasons. Please refer to the project URL for details.
If you prefer to use the unchanged list provided by Mozilla, and if you accept any compatibility issues it may cause, an administrator may configure the system by executing the "ca-legacy disable" command.
This update corrects the Fedora legacy classification of four root CA certificates, which had trust added or removed in the upstream 2.1 and 2.2 releases.
Change Log
* Tue Mar 24 2015 Kai Engert
References
[ 1 ] Bug #1205305 - Update to version 2.3 as released with NSS 3.18 https://bugzilla.redhat.com/show_bug.cgi?id=1205305 [ 2 ] Bug #1205302 - Fix the legacy CA inclusions of upstream 2.1 and 2.2 https://bugzilla.redhat.com/show_bug.cgi?id=1205302
Update Instructions
This update can be installed with the "yum" update program. Use su -c 'yum update ca-certificates' at the command line. For more information, refer to "Managing Software with yum", available at .