
"they discovered that in August 2011 they had mistakenly issued two intermediate CA certificates to organizations that should have instead received regular SSL certificates"

This is the worst security violation committed by a CA that I have ever read! These organizations can now issue certificates for any domain, not just google.com, and they will be seen as valid by all browsers. Fortunately Chrome already revoked the intermediate CA certs.

However it is unclear whether TURKTRUST has done so on their side yet or not. They distribute 2 main CRLs: [1] which is empty(!) and [2] which contains a bunch of serial numbers recently revoked presumably related to the incident. However their root cert [3] does not reference any of these CRLs, and their (legit) intermediate CA cert [4] is also misconfigured and points to the empty CRL:

            X509v3 CRL Distribution Points:
                Full Name:
                  URI:http://www.turktrust.com.tr/sil/TURKTRUST_Kok_SIL_s3.crl
What this means is that it appears TURKTRUST has not technically revoked anything via CRL. Perhaps they did via OCSP, but I have not checked whether their OCSP endpoint advertises the recent revocations or not.

[1] http://www.turktrust.com.tr/sil/TURKTRUST_Kok_SIL_s3.crl

[2] http://www.turktrust.com.tr/sil/TURKTRUST_Nitelikli_SIL_s3.c...

[3] http://www.turktrust.com.tr/sertifikalar/19_TURKTRUST_Elektr...

[4] http://www.turktrust.com.tr/sertifikalar/20_TURKTRUST_Niteli...
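A defender-side check of the reasoning above, as an added example that is not from the thread: using the third-party `cryptography` package (assumed installed), it builds a constructed toy chain with one cert that carries no CRL Distribution Point and one whose DP leads to an empty CRL while the actual revocation sits in a different CRL, then follows each cert's DP the way a relying party would. Names and URLs are placeholders, not TURKTRUST's.

```python
import datetime
from cryptography import x509
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import ec
from cryptography.x509.oid import NameOID

KEY = ec.generate_private_key(ec.SECP256R1())            # one toy key signs everything (constructed)
ISSUER = x509.Name([x509.NameAttribute(NameOID.COMMON_NAME, "Constructed Test CA")])
NOW = datetime.datetime(2013, 1, 3, tzinfo=datetime.timezone.utc)
EMPTY_CRL_URL = "http://example.invalid/empty.crl"      # placeholder URLs, not the real CRLs
REAL_CRL_URL = "http://example.invalid/revoked.crl"

def make_cert(cn, serial, crl_urls):
    b = (x509.CertificateBuilder().issuer_name(ISSUER).public_key(KEY.public_key())
         .subject_name(x509.Name([x509.NameAttribute(NameOID.COMMON_NAME, cn)]))
         .serial_number(serial).not_valid_before(NOW).not_valid_after(NOW + datetime.timedelta(days=365)))
    if crl_urls:  # only advertise a CRL DP when asked, so a cert without one can be modelled too
        dp = x509.DistributionPoint([x509.UniformResourceIdentifier(u) for u in crl_urls], None, None, None)
        b = b.add_extension(x509.CRLDistributionPoints([dp]), critical=False)
    return b.sign(KEY, hashes.SHA256())

def make_crl(revoked_serials):
    b = x509.CertificateRevocationListBuilder().issuer_name(ISSUER).last_update(NOW).next_update(NOW + datetime.timedelta(days=7))
    for s in revoked_serials:
        b = b.add_revoked_certificate(x509.RevokedCertificateBuilder().serial_number(s).revocation_date(NOW).build())
    return b.sign(KEY, hashes.SHA256())

def crl_urls(cert):
    """URIs in the CRL Distribution Points extension, [] when the cert carries none."""
    try:
        ext = cert.extensions.get_extension_for_class(x509.CRLDistributionPoints).value
    except x509.ExtensionNotFound:
        return []
    return [n.value for dp in ext for n in (dp.full_name or []) if isinstance(n, x509.UniformResourceIdentifier)]

def revocation_status(cert, fetched, serial):
    """fetched[url] stands in for downloading the CRL; report what a relying party would learn."""
    urls = crl_urls(cert)
    if not urls:
        return "no CRL distribution point"       # nothing for a client to fetch at all
    if any(fetched[u].get_revoked_certificate_by_serial_number(serial) is not None for u in urls):
        return "revoked"
    if all(len(fetched[u]) == 0 for u in urls):
        return "CRL referenced is empty"         # the DP leads to a CRL that revokes nothing
    return "not listed in referenced CRL"

# Constructed scenario: the revocation was published at REAL_CRL_URL, but the certs point elsewhere.
FETCHED = {EMPTY_CRL_URL: make_crl([]), REAL_CRL_URL: make_crl([2])}
ROOT = make_cert("Constructed Root", 1, [])                                # no CRL DP
INTERMEDIATE = make_cert("Constructed Intermediate", 2, [EMPTY_CRL_URL])   # DP -> empty CRL
FIXED = make_cert("Constructed Intermediate", 2, [REAL_CRL_URL])           # DP -> the CRL that lists it
```

Pointing the same check at a real chain means replacing `FETCHED` with actual downloads of each DP URI and adding signature verification of the CRL against its issuer, which this toy deliberately skips.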




Worse than the DigiTask disaster? Just from this talk [1], I can think of two or three worse behaviours by DigiTask.

[1] http://events.ccc.de/congress/2012/Fahrplan/events/5319.en.h...



