On Fri, Nov 20, 2009 at 10:31:34AM +0000, Bob Vickers wrote:
I just wanted to warn other users that if you have installed local .crt certificates in /etc/ssl/certs then the recent openssl upgrade will remove the essential links which activates them.
So, before upgrade:
# ls -l | grep -i educat lrwxrwxrwx 1 root root 27 Nov 19 10:04 7ffb3ace.0 -> CyberTrustEducationalCA.crt -rw-r--r-- 1 root root 1537 Jan 17 2008 CyberTrustEducationalCA.crt
after upgrade: # ls -l | grep -i educat -rw-r--r-- 1 root root 1537 Jan 17 2008 CyberTrustEducationalCA.crt
The culprit is /usr/bin/c_rehash which removes all the existing symbolic links but only reinstates the ones pointing to .pem files.
Please open a bug report if not already done. Ciao, Marcus -- To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-security+help@opensuse.org