-
ca-certificates (20160104ubuntu0.15.10.1) wily-security; urgency=medium
* Update ca-certificates database to 20160104:
- backport changes from the Ubuntu 16.04 LTS 20160104 package
-- Marc Deslauriers <email address hidden> Mon, 08 Feb 2016 10:28:49 -0500
-
ca-certificates (20150426ubuntu1) wily; urgency=medium
* mozilla-1024/*, Makefile: Since version 20140927 of the ca-certificates
package, containing the 2.1 version of the nss database, CA
certificates with 1024-bit RSA keys have been removed. Unfortunately,
older versions of libraries such as OpenSSL, GnuTLS and glib-networking
are unable to automatically find alternative trust chains to continue
connecting to certain sites. This update restores the certificates
until all libraries have been updated to properly handle alternative
trust chains. See mozilla-1024/certdata.txt for a list of the exact
certificates that were added back. (LP: #1469803)
-- Marc Deslauriers <email address hidden> Mon, 13 Jul 2015 11:10:03 -0400
-
ca-certificates (20150426) unstable; urgency=medium
* debian/postinst:
Set mode and group of /usr/local/share/ca-certificates based on current
/usr/local permissions and ownership. Closes: #611501
* sbin/update-ca-certificates:
Allow customisation of the paths used by update-ca-certificates.
Add an option to set the certs in a directory to the defaults.
Thanks for the patches, Paul Wise. Closes: #774059, #774201
Fix shellcheck warnings and a little indentation.
* sbin/update-ca-certificates.8:
Correct concatenated file name in man page from certificates.crt to
ca-certificates.crt. Closes: #782230
* mozilla/{certdata.txt,nssckbi.h}:
Update Mozilla certificate authority bundle to version 2.4.
The following certificate authorities were added (+):
+ "CFCA EV ROOT"
+ "COMODO RSA Certification Authority"
+ "Entrust Root Certification Authority - EC1"
+ "Entrust Root Certification Authority - G2"
+ "GlobalSign ECC Root CA - R4"
+ "GlobalSign ECC Root CA - R5"
+ "IdenTrust Commercial Root CA 1"
+ "IdenTrust Public Sector Root CA 1"
+ "S-TRUST Universal Root CA"
+ "Staat der Nederlanden EV Root CA"
+ "Staat der Nederlanden Root CA - G3"
+ "USERTrust ECC Certification Authority"
+ "USERTrust RSA Certification Authority" Closes: #762709
The following certificate authorities were removed (-):
- "America Online Root Certification Authority 1"
- "America Online Root Certification Authority 2"
- "E-Guven Kok Elektronik Sertifika Hizmet Saglayicisi"
- "GTE CyberTrust Global Root"
- "Thawte Premium Server CA"
- "Thawte Server CA"
-- Michael Shuler <email address hidden> Sun, 26 Apr 2015 10:37:48 -0500
-
ca-certificates (20141019) unstable; urgency=medium
* debian/copyright:
Add coverage for all files reported by lintian
file-without-copyright-information warning.
* debian/source/lintian-overrides:
Add file-without-copyright-information override for SPI certificate file.
* sbin/update-ca-certificates:
Restore SELinux label after generating ca-certificates.crt file.
Thanks to Laurent Bigonville for the patch. Closes: #742957
Tidy indentation whitespace.
Thanks to Antonio Terceiro for the patch. Closes: #742663
* debian/control:
Update to Standards-Version: 3.9.6 (no other changes needed).
Update Vcs-Browser link to cgit URL.
-- Michael Shuler <email address hidden> Sun, 19 Oct 2014 10:36:49 -0500
