1 ca-certificates (20111025.4) UNRELEASED; urgency=low
3 * Clarify CA audit note in package description and README.debian. Thanks
4 to C.J. Adams-Collier for the patch. Closes: #594383
5 * Remove French Government IGC/A CA certificates. The RSA certificate is
6 included in the Mozilla bundle and the DSA certificate is not in use.
8 * Remove expired signet.pl CAs. Closes: #647849
9 * Remove expired brasil.gov.br CA.
10 * Edit 20111025 changelog/NEWS entries to correctly list installed CAs
11 * Use 'set -e' in body of debian/postinst
13 -- Michael Shuler <michael@pbandjelly.org> Mon, 05 Dec 2011 21:12:55 -0600
15 ca-certificates (20111025) unstable; urgency=low
18 * Add 3.0 (native) source format
19 * Add Vcs-Git/Browser fields
20 * Add myself as new Maintainer with Uploaders Closes: #588219
21 * Update mozilla/certdata.txt to latest (NSS branch version 1.64.2.13)
22 Certificates added (+) and removed (-):
23 + "AffirmTrust Commercial"
24 + "AffirmTrust Networking"
25 + "AffirmTrust Premium"
26 + "AffirmTrust Premium ECC"
28 + "Certinomis - Autorité Racine"
29 + "Certum Trusted Network CA"
30 + "Go Daddy Root Certificate Authority - G2"
31 + "Root CA Generalitat Valenciana"
32 + "Starfield Root Certificate Authority - G2"
33 + "Starfield Services Root Certificate Authority - G2"
34 + "TWCA Root Certification Authority"
35 - "AOL Time Warner Root Certification Authority 1"
36 - "AOL Time Warner Root Certification Authority 2"
38 - "Entrust.net Global Secure Personal CA"
39 - "Entrust.net Global Secure Server CA"
40 - "Entrust.net Secure Personal CA"
41 - "IPS Chained CAs root"
46 - "IPS Timestamping root"
47 - "Thawte Personal Freemail CA"
48 - "Thawte Time Stamping CA"
49 * Update CAcert-Class 3-Subroot-certificate Closes: #630232
52 * sbin/update-ca-certificates: move the ca-certificates.crt bundle out of
53 the way before calling c_rehash, so that symlinks don't accidentally get
54 pointed here, breaking openssl certificate verification LP: #854927
57 * Drop bogus c_rehash on upgrades, which caused issue when
58 ca-certificates.crt was still in place; instead, call
59 update-ca-certificates --fresh on upgrades to this version, and
60 the usual update-ca-certificates otherwise Closes: #643667, #537382
62 -- Michael Shuler <michael@pbandjelly.org> Tue, 25 Oct 2011 09:12:10 -0500
64 ca-certificates (20111022) unstable; urgency=low
67 * Fix pending l10n issues. Debconf translations:
68 - German (Helge Kreutzmann). Closes: #634000
69 - French (Christian Perrier). Closes: #634092
70 - Russian (Yuri Kozlov). Closes: #635146
71 - Swedish (Martin Bagge / brother). Closes: #640622
72 - Slovak (Slavko). Closes: #641987
73 - Spanish; (Javier Fernández-Sanguino). Closes: #642359
74 - Japanese (Kenshi Muto). Closes: #644828
75 - Czech (Miroslav Kure). Closes: #644843
76 - Danish (Joe Hansen). Closes: #644854
77 - Italian (Luca Monducci). Closes: #645004
78 - Dutch; (Jeroen Schot). Closes: #645090
79 - Portuguese (Miguel Figueiredo). Closes: #645126
80 - Galician (Jorge Barreiro). Closes: #645138
81 - Catalan; (Jordi Mallach). Closes: #645182
82 - Brazilian Portuguese (Adriano Rafael Gomes). Closes: #645526
83 * Split Choices in debconf templates
84 * Add build-arch and build-indep build targets
85 * Bump debhelper compatibility level to 8
86 * Bump Standards to 3.9.2 (checked)
87 * Replace "dh_clean -k" by dh_prep
89 -- Christian Perrier <bubulle@debian.org> Sat, 22 Oct 2011 14:24:00 +0200
91 ca-certificates (20110502+nmu1) unstable; urgency=high
93 * Non-maintainer upload by the Security Team.
94 * Blacklist "DigiNotar Root CA" (Closes: #639744)
96 -- Raphael Geissert <geissert@debian.org> Tue, 30 Aug 2011 21:00:55 -0500
98 ca-certificates (20110502) unstable; urgency=low
101 * Mark the package as multi-arch:foreign. (Closes: #622323)
102 * Use db_settitle in config script to allow translations of the
103 dialog title; thanks to Frans Pop. (Closes: #560314)
105 -- Philipp Kern <pkern@debian.org> Mon, 02 May 2011 19:27:50 +0200
107 ca-certificates (20110421) unstable; urgency=low
110 * Package is orphaned, set maintainer to QA group
111 * Depend on openssl 1.0.0 and force a call of c_rehash so that we have
112 both the old and new style of symlinks. (Closes: #611102)
113 * Remove libssl0.9.8 from enhances
114 * Update mozilla certdata.txt file to the latest version.
116 - ABAecom_=sub.__Am._Bankers_Assn.=_Root_CA.crt
117 - beTRUSTed_Root_CA-Baltimore_Implementation.crt
118 - beTRUSTed_Root_CA.crt
119 - beTRUSTed_Root_CA_-_Entrust_Implementation.crt
120 - beTRUSTed_Root_CA_-_RSA_Implementation.crt
121 - Digital_Signature_Trust_Co._Global_CA_2.crt
122 - Digital_Signature_Trust_Co._Global_CA_4.crt
123 - Entrust.net_Global_Secure_Personal_CA.crt
124 - Entrust.net_Global_Secure_Server_CA.crt
125 - Entrust.net_Secure_Personal_CA.crt
126 - GTE_CyberTrust_Root_CA.crt
127 - IPS_Chained_CAs_root.crt
128 - IPS_CLASE1_root.crt
129 - IPS_CLASE3_root.crt
130 - IPS_CLASEA1_root.crt
131 - IPS_CLASEA3_root.crt
132 - IPS_Servidores_root.crt
133 - IPS_Timestamping_root.crt
134 - RSA_Security_1024_v3.crt
136 - Thawte_Personal_Basic_CA.crt
137 - Thawte_Personal_Premium_CA.crt
138 - UTN-USER_First-Network_Applications.crt
139 - Verisign_RSA_Secure_Server_CA.crt
140 - Verisign_Time_Stamping_Authority_CA.crt
141 - Visa_International_Global_Root_2.crt
144 - AC_Raíz_Certicámara_S.A..crt
145 - ApplicationCA_-_Japanese_Government.crt
146 - Autoridad_de_Certificacion_Firmaprofesional_CIF_A62634068.crt
147 - Buypass_Class_2_CA_1.crt
148 - Buypass_Class_3_CA_1.crt
151 - certSIGN_ROOT_CA.crt
152 - Chambers_of_Commerce_Root_-_2008.crt
155 - ComSign_Secured_CA.crt
156 - Cybertrust_Global_Root.crt
157 - Deutsche_Telekom_Root_CA_2.crt
158 - EBG_Elektronik_Sertifika_Hizmet_Sağlayıcısı.crt
159 - E-Guven_Kok_Elektronik_Sertifika_Hizmet_Saglayicisi.crt
160 - ePKI_Root_Certification_Authority.crt
161 - GeoTrust_Primary_Certification_Authority_-_G2.crt
162 - GeoTrust_Primary_Certification_Authority_-_G3.crt
163 - Global_Chambersign_Root_-_2008.crt
164 - GlobalSign_Root_CA_-_R3.crt
165 - Hongkong_Post_Root_CA_1.crt
169 - Microsec_e-Szigno_Root_CA_2009.crt
170 - Microsec_e-Szigno_Root_CA.crt
171 - NetLock_Arany_=Class_Gold=_Főtanúsítvány.crt
172 - OISTE_WISeKey_Global_Root_GA_CA.crt
173 - SecureSign_RootCA11.crt
174 - Security_Communication_EV_RootCA1.crt
175 - Staat_der_Nederlanden_Root_CA_-_G2.crt
176 - S-TRUST_Authentication_and_Encryption_Root_CA_2005_PN.crt
177 - TÜBİTAK_UEKAE_Kök_Sertifika_Hizmet_Sağlayıcısı_-_Sürüm_3.crt
178 - TC_TrustCenter_Class_2_CA_II.crt
179 - TC_TrustCenter_Class_3_CA_II.crt
180 - TC_TrustCenter_Universal_CA_I.crt
181 - TC_TrustCenter_Universal_CA_III.crt
182 - thawte_Primary_Root_CA_-_G2.crt
183 - thawte_Primary_Root_CA_-_G3.crt
184 - VeriSign_Class_3_Public_Primary_Certification_Authority_-_G4.crt
185 - VeriSign_Universal_Root_Certification_Authority.crt
187 - Verisign_Class_1_Public_Primary_Certification_Authority.crt
188 - Verisign_Class_3_Public_Primary_Certification_Authority.crt
189 * Remove telesec.de/deutsche-telekom-root-ca-2.crt, now in mozilla.
190 * String decode the mozilla certdata.txt so the filenames show up as
191 proper UTF-8 strings.
193 -- Kurt Roeckx <kurt@roeckx.be> Thu, 21 Apr 2011 18:56:08 +0200
195 ca-certificates (20090814+nmu3) unstable; urgency=low
197 * Non-maintainer upload.
198 * Fix pending l10n issues. Debconf translations:
199 - French (Christian Perrier). Closes: #594231
200 - Danish (Joe Hansen). Closes: #601129
201 - Catalan (Jordi Mallach). Closes: #601089
202 - Brazilian Portuguese (Adriano Rafael Gomes). Closes: #618633
204 -- Christian Perrier <bubulle@debian.org> Sat, 19 Mar 2011 07:47:00 +0100
206 ca-certificates (20090814+nmu2) unstable; urgency=low
208 * Non-maintainer upload.
209 * Fixes buggy shell functions included in the postinst script.
212 -- Maximiliano Curia <maxy@debian.org> Fri, 13 Aug 2010 20:16:21 -0300
214 ca-certificates (20090814+nmu1) unstable; urgency=low
216 * Non-maintainer upload.
217 * Preserve user changes to the /etc/ca-certificates.conf.
220 -- Maximiliano Curia <maxy@debian.org> Fri, 30 Jul 2010 12:55:28 -0400
222 ca-certificates (20090814) unstable; urgency=low
224 * Call Debconf and its db_purge as early as possible in postrm.
227 -- Philipp Kern <pkern@debian.org> Fri, 14 Aug 2009 11:10:00 +0200
229 ca-certificates (20090709) unstable; urgency=low
231 * Fix purge by checking for `/etc/ssl/certs' first. (Closes: #536331)
233 -- Philipp Kern <pkern@debian.org> Thu, 09 Jul 2009 10:35:39 +0200
235 ca-certificates (20090708) unstable; urgency=low
238 - cacert.org/root.crt and cacert.org/class3.crt:
239 Both certificate files were deprecated with 20080809. Users of these
240 root certificates are encouraged to switch to
241 `cacert.org/cacert.org.crt' which contains both class 1 and class 3
242 roots joined in a single file.
243 - quovadis.bm/QuoVadis_Root_Certification_Authority.crt:
244 This certificate has been added into the Mozilla truststore and
245 is available as `mozilla/QuoVadis_Root_CA.crt'.
246 * Do not redirect c_rehash error messages to /dev/null.
248 * Remove dangling symlinks on purge, which also gets rid of the hash
249 symlink for ca-certificates.crt. (Closes: #475240)
250 * Use subshells when grepping for certificates in config, avoiding
251 SIGPIPE because of grep's immediate exit after it finds the pattern.
253 * Fix VERBOSE_ARG usage in update-ca-certificates. Thanks to
254 Robby Workman of Slackware.
255 * Updated Standards-Version and FSF portal address in the copyright file.
257 -- Philipp Kern <pkern@debian.org> Wed, 08 Jul 2009 23:19:56 +0200
259 ca-certificates (20090701) unstable; urgency=low
261 * Reactivated "Equifax Secure Global eBusiness CA". (Closes: #534674)
262 Rationale: The rogue collision CA has its validity period in the past.
263 Thus it does not impose a risk upon us at the moment.
264 * Restrict search for local certificates to add on files ending with '.crt'.
265 * Canonicalize PEM names by applying the same set of substitions to
266 local and other certificates like the Mozilla certdata dumper does.
268 -- Philipp Kern <pkern@debian.org> Wed, 01 Jul 2009 14:50:00 +0200
270 ca-certificates (20090624) unstable; urgency=low
272 * Allow local certificate installation. All certificates found
273 in `/usr/local/share/ca-certificates' will be automatically added
274 to the list of trusted certificates in `/etc/ssl/certs'.
275 (Closes: #352637, #419491, #473677, #476663, #511150)
276 * Updated Mozilla certificates from nss 3.12.3-1 (certdata.txt revision
278 + COMODO ECC Certification Authority
280 + Network Solutions Certificate Authority
281 + WellsSecure Public Root Certificate Authority
282 - Equifax Secure Global eBusiness CA
283 - UTN USERFirst Object Root CA
284 * Reimplemented the Mozilla certdata parser mainly to exclude explicitly
285 untrusted certificates. This led to the exclusion of the
286 "MD5 Collisions Forged Rogue CA 23c3" and its parent
287 "Equifax Secure Global eBusiness CA". Furthermore code signing-only
288 certificates are no longer included neither.
289 * Remove the purging of old PEM files in postinst dating back to
290 versions earlier than 20030414.
291 * Hooks are now called at every invocation of `update-ca-certificates'.
292 If no changes were done to `/etc/ssl/certs', the input for the
293 hooks will be empty, though. Failure exit codes of hooks will not
294 tear down the upgrade process anymore. They are printed but ignored.
296 -- Philipp Kern <pkern@debian.org> Tue, 24 Jun 2009 21:04:08 +0200
298 ca-certificates (20081127) unstable; urgency=low
300 * Remove /etc/ssl{,/certs} in postrm to please piuparts. (Closes:
303 -- Philipp Kern <pkern@debian.org> Thu, 27 Nov 2008 19:13:17 +0100
305 ca-certificates (20080809) unstable; urgency=low
307 * New cacert.org.pem joining both CACert Class 1 and Class 3 certificates.
308 This file can be used for proper certificate chaining if CACert
309 server certificates are used. The old class3.pem and root.pem
310 certificates are deprecated. This new file could safely serve as
311 a replacement for both. (Closes: #494343)
312 * This also reintroduces the old name for the CACert certificate,
313 thus closing a long-standing bug about its rename to root.crt.
316 -- Philipp Kern <pkern@debian.org> Sat, 09 Aug 2008 14:58:24 -0300
318 ca-certificates (20080617) unstable; urgency=low
320 * Added French Government's IGC/A CA (both DSA and RSA).
323 -- Philipp Kern <pkern@debian.org> Mon, 23 Jun 2008 20:55:53 +0200
325 ca-certificates (20080616) unstable; urgency=low
327 * Fix installation on pt_BR locales. The problem was caused by the
328 .templates choices strings being marked for translation, with pt_BR
329 being the only language which actually translated them. Thanks to
330 Ubuntu for the fix, which needs to be around until Lenny is released
331 or six months have passed, whichever is later. (Closes: #472507)
332 * Drop Fumitoshi from the list of maintainers. Farewell!
333 * Bump Standards-Version to 3.8.0.
335 -- Philipp Kern <pkern@debian.org> Mon, 16 Jun 2008 17:41:50 +0200
337 ca-certificates (20080514) unstable; urgency=medium
339 * Added the new SPI CA certificate, created in response to the latest
340 openssl security update.
341 * Removed old SPI CA certificates (2006, 2007) as CAs cannot be
342 revoked sensibly. Expired CA created in 2003, expired in 2007 left
343 around for reference.
344 * Updated the Galician translation, thanks to Glennie Vignarajah.
347 -- Philipp Kern <pkern@debian.org> Wed, 14 May 2008 10:03:42 +0200
349 ca-certificates (20080411) unstable; urgency=low
351 * Added the current SPI CA certificate, used by Debian's infrastructure.
352 * Added Deutsche Telekom Root CA 2, which is used by German institutions
354 * Updated mozilla certificates from trunk, which led to the following
355 adds (+) and removes (-):
356 + Camerfirma Chambers of Commerce Root
357 + Camerfirma Global Chambersign Root
358 + Certplus Class 2 Primary CA
359 + COMODO Certification Authority
360 + DigiCert Assured ID Root CA
361 + DigiCert Global Root CA
362 + DigiCert High Assurance EV Root CA
365 + Entrust Root Certification Authority
366 + Firmaprofesional Root CA
367 + GeoTrust Global CA 2
368 + GeoTrust Primary Certification Authority
369 + GeoTrust Universal CA
370 + GeoTrust Universal CA 2
371 + GlobalSign Root CA - R2
372 + Go Daddy Class 2 CA
373 + NetLock Business (Class B) Root
374 + NetLock Express (Class C) Root
375 + NetLock Notary (Class A) Root
376 + NetLock Qualified (Class QA) Root
381 + Starfield Class 2 CA
382 + StartCom Certification Authority
385 + SwissSign Gold CA - G2
386 + SwissSign Platinum CA - G2
387 + SwissSign Silver CA - G2
389 + thawte Primary Root CA
390 + TURKTRUST Certificate Services Provider Root 1
391 + TURKTRUST Certificate Services Provider Root 2
392 + VeriSign Class 3 Public Primary Certification Authority - G5
393 + Wells Fargo Root CA
394 + XRamp Global CA Root
395 - Verisign Class 1 Public Primary OCSP Responder
396 - Verisign Class 2 Public Primary OCSP Responder
397 - Verisign Class 3 Public Primary OCSP Responder
398 - Verisign Secure Server OCSP Responder
399 (Closes: #447062, #456581)
400 * Updated the Russian debconf translation, thanks to Mikhail Gusarov.
402 * Reworded the description and made it static to ease translations.
403 * Reworded and amended README.Debian.
404 * Added myself to the uploaders of this package.
405 * Applied a patch by Martin F. Krafft to support hooks scripts
406 on add/remove of a certificate. (Closes: #377314)
408 -- Philipp Kern <pkern@debian.org> Sat, 12 Apr 2008 17:35:26 +0200
410 ca-certificates (20070303-0.1) unstable; urgency=low
412 * Non-maintainer upload to fix longstanding pending l10n issues.
413 * Debconf templates and debian/control reviewed by the debian-l10n-
414 english team as part of the Smith review project.
415 Closes: #432249, #434789
416 * Debconf translation updates:
417 - Japanese. Closes:#433067
418 - Basque. Closes: #433074
419 - Spanish. Closes: #433078
420 - Czech. Closes: #433100
421 - Galician. Closes: #433215
422 - Russian. Closes: #433224
423 - Swedish. Closes: #433432
424 - Vietnamese. Closes: #433792, #427000, #434992
425 - Dutch. Closes: #434670
426 - German. Closes: #434788
427 - Italian. Closes: #435029
428 * Portuguese. Closes: #435471
429 * Finnish. Closes: #448826
430 * Remove /etc/ssl when purging the package (only if that
431 directory is empty). Closes: #454334
432 * [Lintian] Give a reference to the GPL text in debian/copyright
433 * [Lintian] No longer ignore errors from "make clean"
434 * [Lintian] Upgrade debhelper compatibility to 4 (with debian/compat).
436 -- Christian Perrier <bubulle@debian.org> Thu, 14 Feb 2008 19:52:37 +0100
438 ca-certificates (20070303) unstable; urgency=low
440 * Add debconf.org crt. closes: Bug#342088
441 * Add cacert class3 crt. closes: Bug#350282
442 * Add debian/po/pt.po. closes: Bug#408183
443 * Update debian/po/ru.po. closes: Bug#410770
444 * Update debian/po/pt_BR.po. closes: Bug#403824
445 * Add debian/po/gl.po. closes: Bug#407951
447 -- Fumitoshi UKAI <ukai@debian.or.jp> Sun, 4 Mar 2007 14:12:23 +0900
449 ca-certificates (20061027.2) unstable; urgency=low
451 * Non-maintainer upload to fix an RC issue revealed by the last NMU.
452 * Avoid cd to /etc/ssl/certs to removing hash symlinks
455 -- Christian Perrier <bubulle@debian.org> Fri, 2 Feb 2007 07:23:27 +0100
457 ca-certificates (20061027.1) unstable; urgency=low
459 * Non-maintainer upload to fix remaining l10n issues
460 * Debconf translation updates:
461 - Czech. Closes: #407807
462 - Spanish. Closes: #401968
463 - German. Closes: #396942
464 * Add debconf-updatepo to the clean target in debian/rules
465 to guarantee up-to-date PO(T) files
467 -- Christian Perrier <bubulle@debian.org> Mon, 22 Jan 2007 18:56:53 +0100
470 ca-certificates (20061027) unstable; urgency=low
472 * sbin/update-ca-certificates:
473 in fresh mode, rm symlinks only point to /usr/share/ca-certificates.
474 preserve other symlinks. closes: Bug#387089
475 * debian/po/nl.po: updated
477 * debian/po/fr.po: updated
479 * debian/po/da.po: updated
482 -- Fumitoshi UKAI <ukai@debian.or.jp> Sat, 28 Oct 2006 02:28:50 +0900
484 ca-certificates (20060816) unstable; urgency=low
486 * debian/control: explicitly mention that trustworthiness of certificate
487 authorities is not evaluated.
489 * debian/templates: refine messages
491 * debian/postinst: remove tailing spaces to avoid unnecessary dpkg-old file.
493 * debian/control: libssl0.9.7->libssl0.9.8
495 * debian/postrm: remove .dpkg-old files
497 * debian/README.Debian: fix
499 * debian/postinst: fix typo
501 * debian/po/sv.po: added
503 * debian/po/es.po: added
505 * add new SPI CA certificate
506 submitted by Michael C. Schultheiss <schultmc@debian.org>
508 -- Fumitoshi UKAI <ukai@debian.or.jp> Thu, 17 Aug 2006 13:12:27 +0900
510 ca-certificates (20050804) unstable; urgency=low
512 * use ${misc:Depends} in debian/control for debconf
513 * update description in debian/control
515 * update debian/po/vi.po
517 * update debian/po/de.po
520 -- Fumitoshi UKAI <ukai@debian.or.jp> Thu, 4 Aug 2005 01:29:38 +0900
522 ca-certificates (20050518) unstable; urgency=high
524 * fix ca-certificates.crt generationumask-sensitive and racy
526 * update mozilla/certdata.txt
527 add: "Certum Root CA", "Comodo AAA Services root"
528 "Comodo Secure Services root",
529 "Comodo Trusted Services root",
530 "IPS Chained CAs root", "IPS CLASE1 root", "IPS CLASE3 root",
531 "IPS CLASEA1 root", "IPS CLASEA3 root", "IPS Servidores root"
532 "IPS Timestamping root",
534 "Security Communication Root CA",
535 "Sonera Class 1 Root CA", "Sonera Class 2 Root CA",
536 "Staat der Nederlanden Root CA",
537 "TDC Internet Root CA", "TDC OCES Root CA",
538 "UTN DATACorp SGC Root CA", "UTN USERFirst Email Root CA",
539 "UTN USERFirst Hardware Root CA", "UTN USERFirst Object Root CA"
540 * add CACert.org's Root CA
541 closes: Bug#213086, Bug#288293
542 * add debian/po/vi.po
544 * add debian/po/cs.po
546 * write "How certificate will be accepted in ca-certificates package"
549 -- Fumitoshi UKAI <ukai@debian.or.jp> Wed, 18 May 2005 00:40:54 +0900
551 ca-certificates (20040809) unstable; urgency=low
553 * previous version was not fixed Bug#255933 correctly.
554 update-ca-certificates now remove symlinks of deselected entries
555 in ca-certificates.conf
558 -- Fumitoshi UKAI <ukai@debian.or.jp> Mon, 9 Aug 2004 03:23:20 +0900
560 ca-certificates (20040808) unstable; urgency=low
562 * run update-ca-certificates by /bin/sh -e
564 * update-ca-certificates remove symlinks of deselected entries
565 in ca-certificates.conf
567 * change default of trust_new_crts from 'ask' to 'yes'
568 closes: Bug#218838, Bug#221527, Bug#236675, Bug#247509
569 * refer libssl0.9.7 instead of libssl0.9.6 in Enhances:
571 * add brasil.gov.br certs
573 * add Signet CA Roots certs
575 * add QuoVadis CA Roots certs
587 * fix quote characters in template
589 * remove debian.org, because certs used in db.debian.org has been
590 revoked due to debian.org crack incidents.
591 db.debian.org uses certificates using spi-inc.org Root CA.
593 -- Fumitoshi UKAI <ukai@debian.or.jp> Sun, 8 Aug 2004 10:58:30 +0900
595 ca-certificates (20031007.1) unstable; urgency=low
598 * Add brasil.gov.br/brasil.gov.br.crt, created from
599 http://www.icpbrasil.gov.br/certificadoACRaiz.crt
600 * Add debian/po/pt_BR.po: closes: Bug#224612
602 -- Otavio Salvador <otavio@debian.org> Thu, 5 Aug 2004 12:16:26 -0300
604 ca-certificates (20031007) unstable; urgency=low
606 * add debian/po/ru.po: closes: Bug#214371
608 -- Fumitoshi UKAI <ukai@debian.or.jp> Tue, 7 Oct 2003 03:06:06 +0900
610 ca-certificates (20030924) unstable; urgency=low
612 * add debian/po/ja.po: closes: Bug#212565
614 -- Fumitoshi UKAI <ukai@debian.or.jp> Wed, 24 Sep 2003 22:09:09 +0900
616 ca-certificates (20030916) unstable; urgency=low
618 * add debian/po/fr.po: closes: Bug#211224, Bug#206769
619 * debian/config: if new cert is asked, don't ask all available certs
622 -- Fumitoshi UKAI <ukai@debian.or.jp> Wed, 17 Sep 2003 02:12:14 +0900
624 ca-certificates (20030915) unstable; urgency=low
626 * debian/config.in: fix typo. closes: Bug#190990
627 * add option for new CA certificates. closes: Bug#190989
628 * switch to gettext-based debconf templates. closes: Bug#205782
629 * update mozilla/certdata.txt from mozilla 1.4 release
631 -- Fumitoshi UKAI <ukai@debian.or.jp> Mon, 15 Sep 2003 01:15:04 +0900
633 ca-certificates (20030420) unstable; urgency=low
635 * add README.Debian and update-ca-certificates(8). closes: Bug#189604
636 * fix broken English in debconf template. closes: Bug#189606
637 * don't remove symlinks in /etc/ssl/certs. closes: Bug#189607
638 * preserve comments in /etc/ca-certificates.conf when upgrading.
641 -- Fumitoshi UKAI <ukai@debian.or.jp> Mon, 21 Apr 2003 00:06:01 +0900
643 ca-certificates (20030415) unstable; urgency=medium
645 * fix upgrade problem
646 closes: Bug#188938, Bug#188940
649 -- Fumitoshi UKAI <ukai@debian.or.jp> Mon, 14 Apr 2003 23:00:58 +0900
651 ca-certificates (20030414) unstable; urgency=medium
653 * certificates are installed in /usr/share/ca-certificates
654 you can find md5sum of certs files. closes: Bug#170777
656 * debconf to generate /etc/ca-certificates.conf
657 * update-ca-certificates update /etc/ssl/certs according
658 /etc/ca-certificates.conf
659 It also generate /etc/ssl/certs/ca-certificates.crt
660 which is single-file version of certs.
663 * change extension from .pem to .crt in /usr/share/ca-certificates
665 application/x-x509-ca-cert crt
666 but it will be hardlink or copied in /etc/ssl/certs with .pem
667 extension by update-ca-certificates.
668 c_rehash requires .pem extension
670 * Update certificate from mozilla 2:1.3-4
671 mozilla/security/nss/lib/ckfw/builtins/certdata.txt
672 cefd05b299ea683fc6b1ce9ff1e23a3f mozilla/certdata.txt
674 * Add spi-inc.org/spi-ca.crt from http://www.spi-inc.org/secretary/
675 33922a1660820e44812e7ddc392878cb spi-inc.org/spi-ca.crt
676 % openssl x509 -in spi-inc.org/spi-ca.crt -fingerprint -noout
677 MD5 Fingerprint=ED:85:3A:FD:32:43:13:73:91:4D:94:06:C4:10:EB:E5
679 -- Fumitoshi UKAI <ukai@debian.or.jp> Mon, 14 Apr 2003 00:02:48 +0900
681 ca-certificates (20020323) unstable; urgency=low
683 * Moved from non-US to main now that openssl has moved there.
685 -- Fumitoshi UKAI <ukai@debian.or.jp> Sun, 24 Mar 2002 03:11:54 +0900
687 ca-certificates (20020208) unstable; urgency=low
689 * add db.debian.org certificate
691 -- Fumitoshi UKAI <ukai@debian.or.jp> Fri, 8 Feb 2002 23:46:11 +0900
693 ca-certificates (20020112) unstable; urgency=low
695 * upload to non-US instead of main, because it depends on openssl
696 (it uses c_rehash in openssl in maintainer scripts)
698 -- Fumitoshi UKAI <ukai@debian.or.jp> Sun, 13 Jan 2002 04:30:28 +0900
700 ca-certificates (20020107) unstable; urgency=low
702 * Initial Release. closes: Bug#126586
704 -- Fumitoshi UKAI <ukai@debian.or.jp> Mon, 7 Jan 2002 21:16:51 +0900