1 ca-certificates (20111024) UNRELEASED; urgency=low
4 * sbin/update-ca-certificates: move the ca-certificates.crt bundle out of
5 the way before calling c_rehash, so that symlinks don't accidentally get
6 pointed here, breaking openssl certificate verification LP: #854927
9 * Drop bogus c_rehash on upgrades, which caused issue when
10 ca-certificates.crt was still in place; instead, call
11 update-ca-certificates --fresh on upgrades to this version, and
12 the usual update-ca-certificates otherwise Closes: #643667
14 -- Michael Shuler <michael@pbandjelly.org> Mon, 24 Oct 2011 18:44:13 -0500
16 ca-certificates (20111023) unstable; urgency=low
18 * Add 3.0 (native) source format
19 * Add Vcs-Git/Browser fields
20 * Add myself as new Maintainer with Uploaders Closes: #588219
21 * Update mozilla/certdata.txt to latest (NSS branch version 1.64.2.13)
22 Certificates added (+) and removed (-):
23 + "AffirmTrust Commercial"
24 + "AffirmTrust Networking"
25 + "AffirmTrust Premium"
26 + "AffirmTrust Premium ECC"
28 + "Bogus Global Trustee"
33 + "Bogus Mozilla Addons"
38 + "Certinomis - Autorité Racine"
39 + "Certum Trusted Network CA"
40 + "Explicitly Distrust DigiNotar Cyber CA"
41 + "Explicitly Distrust DigiNotar Cyber CA 2nd"
42 + "Explicitly Distrust DigiNotar Root CA"
43 + "Explicitly Distrust DigiNotar Services 1024 CA"
44 + "Explicitly Distrusted DigiNotar PKIoverheid"
45 + "Explicitly Distrusted DigiNotar PKIoverheid G2"
46 + "Go Daddy Root Certificate Authority - G2"
47 + "Root CA Generalitat Valenciana"
48 + "Starfield Root Certificate Authority - G2"
49 + "Starfield Services Root Certificate Authority - G2"
50 + "TWCA Root Certification Authority"
51 - "AOL Time Warner Root Certification Authority 1"
52 - "AOL Time Warner Root Certification Authority 2"
54 - "Entrust.net Global Secure Personal CA"
55 - "Entrust.net Global Secure Server CA"
56 - "Entrust.net Secure Personal CA"
57 - "IPS Chained CAs root"
62 - "IPS Timestamping root"
63 - "Thawte Personal Freemail CA"
64 - "Thawte Time Stamping CA"
65 * "Bogus *" CAs above address Comodo MITM 03/11 Closes: #619587
66 * Update CAcert-Class 3-Subroot-certificate Closes: #630232
68 -- Michael Shuler <michael@pbandjelly.org> Sun, 23 Oct 2011 23:14:47 -0500
70 ca-certificates (20111022) unstable; urgency=low
73 * Fix pending l10n issues. Debconf translations:
74 - German (Helge Kreutzmann). Closes: #634000
75 - French (Christian Perrier). Closes: #634092
76 - Russian (Yuri Kozlov). Closes: #635146
77 - Swedish (Martin Bagge / brother). Closes: #640622
78 - Slovak (Slavko). Closes: #641987
79 - Spanish; (Javier Fernández-Sanguino). Closes: #642359
80 - Japanese (Kenshi Muto). Closes: #644828
81 - Czech (Miroslav Kure). Closes: #644843
82 - Danish (Joe Hansen). Closes: #644854
83 - Italian (Luca Monducci). Closes: #645004
84 - Dutch; (Jeroen Schot). Closes: #645090
85 - Portuguese (Miguel Figueiredo). Closes: #645126
86 - Galician (Jorge Barreiro). Closes: #645138
87 - Catalan; (Jordi Mallach). Closes: #645182
88 - Brazilian Portuguese (Adriano Rafael Gomes). Closes: #645526
89 * Split Choices in debconf templates
90 * Add build-arch and build-indep build targets
91 * Bump debhelper compatibility level to 8
92 * Bump Standards to 3.9.2 (checked)
93 * Replace "dh_clean -k" by dh_prep
95 -- Christian Perrier <bubulle@debian.org> Sat, 22 Oct 2011 14:24:00 +0200
97 ca-certificates (20110502+nmu1) unstable; urgency=high
99 * Non-maintainer upload by the Security Team.
100 * Blacklist "DigiNotar Root CA" (Closes: #639744)
102 -- Raphael Geissert <geissert@debian.org> Tue, 30 Aug 2011 21:00:55 -0500
104 ca-certificates (20110502) unstable; urgency=low
107 * Mark the package as multi-arch:foreign. (Closes: #622323)
108 * Use db_settitle in config script to allow translations of the
109 dialog title; thanks to Frans Pop. (Closes: #560314)
111 -- Philipp Kern <pkern@debian.org> Mon, 02 May 2011 19:27:50 +0200
113 ca-certificates (20110421) unstable; urgency=low
116 * Package is orphaned, set maintainer to QA group
117 * Depend on openssl 1.0.0 and force a call of c_rehash so that we have
118 both the old and new style of symlinks. (Closes: #611102)
119 * Remove libssl0.9.8 from enhances
120 * Update mozilla certdata.txt file to the latest version.
122 - ABAecom_=sub.__Am._Bankers_Assn.=_Root_CA.crt
123 - beTRUSTed_Root_CA-Baltimore_Implementation.crt
124 - beTRUSTed_Root_CA.crt
125 - beTRUSTed_Root_CA_-_Entrust_Implementation.crt
126 - beTRUSTed_Root_CA_-_RSA_Implementation.crt
127 - Digital_Signature_Trust_Co._Global_CA_2.crt
128 - Digital_Signature_Trust_Co._Global_CA_4.crt
129 - Entrust.net_Global_Secure_Personal_CA.crt
130 - Entrust.net_Global_Secure_Server_CA.crt
131 - Entrust.net_Secure_Personal_CA.crt
132 - GTE_CyberTrust_Root_CA.crt
133 - IPS_Chained_CAs_root.crt
134 - IPS_CLASE1_root.crt
135 - IPS_CLASE3_root.crt
136 - IPS_CLASEA1_root.crt
137 - IPS_CLASEA3_root.crt
138 - IPS_Servidores_root.crt
139 - IPS_Timestamping_root.crt
140 - RSA_Security_1024_v3.crt
142 - Thawte_Personal_Basic_CA.crt
143 - Thawte_Personal_Premium_CA.crt
144 - UTN-USER_First-Network_Applications.crt
145 - Verisign_RSA_Secure_Server_CA.crt
146 - Verisign_Time_Stamping_Authority_CA.crt
147 - Visa_International_Global_Root_2.crt
150 - AC_Raíz_Certicámara_S.A..crt
151 - ApplicationCA_-_Japanese_Government.crt
152 - Autoridad_de_Certificacion_Firmaprofesional_CIF_A62634068.crt
153 - Buypass_Class_2_CA_1.crt
154 - Buypass_Class_3_CA_1.crt
157 - certSIGN_ROOT_CA.crt
158 - Chambers_of_Commerce_Root_-_2008.crt
161 - ComSign_Secured_CA.crt
162 - Cybertrust_Global_Root.crt
163 - Deutsche_Telekom_Root_CA_2.crt
164 - EBG_Elektronik_Sertifika_Hizmet_Sağlayıcısı.crt
165 - E-Guven_Kok_Elektronik_Sertifika_Hizmet_Saglayicisi.crt
166 - ePKI_Root_Certification_Authority.crt
167 - GeoTrust_Primary_Certification_Authority_-_G2.crt
168 - GeoTrust_Primary_Certification_Authority_-_G3.crt
169 - Global_Chambersign_Root_-_2008.crt
170 - GlobalSign_Root_CA_-_R3.crt
171 - Hongkong_Post_Root_CA_1.crt
175 - Microsec_e-Szigno_Root_CA_2009.crt
176 - Microsec_e-Szigno_Root_CA.crt
177 - NetLock_Arany_=Class_Gold=_Főtanúsítvány.crt
178 - OISTE_WISeKey_Global_Root_GA_CA.crt
179 - SecureSign_RootCA11.crt
180 - Security_Communication_EV_RootCA1.crt
181 - Staat_der_Nederlanden_Root_CA_-_G2.crt
182 - S-TRUST_Authentication_and_Encryption_Root_CA_2005_PN.crt
183 - TÜBİTAK_UEKAE_Kök_Sertifika_Hizmet_Sağlayıcısı_-_Sürüm_3.crt
184 - TC_TrustCenter_Class_2_CA_II.crt
185 - TC_TrustCenter_Class_3_CA_II.crt
186 - TC_TrustCenter_Universal_CA_I.crt
187 - TC_TrustCenter_Universal_CA_III.crt
188 - thawte_Primary_Root_CA_-_G2.crt
189 - thawte_Primary_Root_CA_-_G3.crt
190 - VeriSign_Class_3_Public_Primary_Certification_Authority_-_G4.crt
191 - VeriSign_Universal_Root_Certification_Authority.crt
193 - Verisign_Class_1_Public_Primary_Certification_Authority.crt
194 - Verisign_Class_3_Public_Primary_Certification_Authority.crt
195 * Remove telesec.de/deutsche-telekom-root-ca-2.crt, now in mozilla.
196 * String decode the mozilla certdata.txt so the filenames show up as
197 proper UTF-8 strings.
199 -- Kurt Roeckx <kurt@roeckx.be> Thu, 21 Apr 2011 18:56:08 +0200
201 ca-certificates (20090814+nmu3) unstable; urgency=low
203 * Non-maintainer upload.
204 * Fix pending l10n issues. Debconf translations:
205 - French (Christian Perrier). Closes: #594231
206 - Danish (Joe Hansen). Closes: #601129
207 - Catalan (Jordi Mallach). Closes: #601089
208 - Brazilian Portuguese (Adriano Rafael Gomes). Closes: #618633
210 -- Christian Perrier <bubulle@debian.org> Sat, 19 Mar 2011 07:47:00 +0100
212 ca-certificates (20090814+nmu2) unstable; urgency=low
214 * Non-maintainer upload.
215 * Fixes buggy shell functions included in the postinst script.
218 -- Maximiliano Curia <maxy@debian.org> Fri, 13 Aug 2010 20:16:21 -0300
220 ca-certificates (20090814+nmu1) unstable; urgency=low
222 * Non-maintainer upload.
223 * Preserve user changes to the /etc/ca-certificates.conf.
226 -- Maximiliano Curia <maxy@debian.org> Fri, 30 Jul 2010 12:55:28 -0400
228 ca-certificates (20090814) unstable; urgency=low
230 * Call Debconf and its db_purge as early as possible in postrm.
233 -- Philipp Kern <pkern@debian.org> Fri, 14 Aug 2009 11:10:00 +0200
235 ca-certificates (20090709) unstable; urgency=low
237 * Fix purge by checking for `/etc/ssl/certs' first. (Closes: #536331)
239 -- Philipp Kern <pkern@debian.org> Thu, 09 Jul 2009 10:35:39 +0200
241 ca-certificates (20090708) unstable; urgency=low
244 - cacert.org/root.crt and cacert.org/class3.crt:
245 Both certificate files were deprecated with 20080809. Users of these
246 root certificates are encouraged to switch to
247 `cacert.org/cacert.org.crt' which contains both class 1 and class 3
248 roots joined in a single file.
249 - quovadis.bm/QuoVadis_Root_Certification_Authority.crt:
250 This certificate has been added into the Mozilla truststore and
251 is available as `mozilla/QuoVadis_Root_CA.crt'.
252 * Do not redirect c_rehash error messages to /dev/null.
254 * Remove dangling symlinks on purge, which also gets rid of the hash
255 symlink for ca-certificates.crt. (Closes: #475240)
256 * Use subshells when grepping for certificates in config, avoiding
257 SIGPIPE because of grep's immediate exit after it finds the pattern.
259 * Fix VERBOSE_ARG usage in update-ca-certificates. Thanks to
260 Robby Workman of Slackware.
261 * Updated Standards-Version and FSF portal address in the copyright file.
263 -- Philipp Kern <pkern@debian.org> Wed, 08 Jul 2009 23:19:56 +0200
265 ca-certificates (20090701) unstable; urgency=low
267 * Reactivated "Equifax Secure Global eBusiness CA". (Closes: #534674)
268 Rationale: The rogue collision CA has its validity period in the past.
269 Thus it does not impose a risk upon us at the moment.
270 * Restrict search for local certificates to add on files ending with '.crt'.
271 * Canonicalize PEM names by applying the same set of substitions to
272 local and other certificates like the Mozilla certdata dumper does.
274 -- Philipp Kern <pkern@debian.org> Wed, 01 Jul 2009 14:50:00 +0200
276 ca-certificates (20090624) unstable; urgency=low
278 * Allow local certificate installation. All certificates found
279 in `/usr/local/share/ca-certificates' will be automatically added
280 to the list of trusted certificates in `/etc/ssl/certs'.
281 (Closes: #352637, #419491, #473677, #476663, #511150)
282 * Updated Mozilla certificates from nss 3.12.3-1 (certdata.txt revision
284 + COMODO ECC Certification Authority
286 + Network Solutions Certificate Authority
287 + WellsSecure Public Root Certificate Authority
288 - Equifax Secure Global eBusiness CA
289 - UTN USERFirst Object Root CA
290 * Reimplemented the Mozilla certdata parser mainly to exclude explicitly
291 untrusted certificates. This led to the exclusion of the
292 "MD5 Collisions Forged Rogue CA 23c3" and its parent
293 "Equifax Secure Global eBusiness CA". Furthermore code signing-only
294 certificates are no longer included neither.
295 * Remove the purging of old PEM files in postinst dating back to
296 versions earlier than 20030414.
297 * Hooks are now called at every invocation of `update-ca-certificates'.
298 If no changes were done to `/etc/ssl/certs', the input for the
299 hooks will be empty, though. Failure exit codes of hooks will not
300 tear down the upgrade process anymore. They are printed but ignored.
302 -- Philipp Kern <pkern@debian.org> Tue, 24 Jun 2009 21:04:08 +0200
304 ca-certificates (20081127) unstable; urgency=low
306 * Remove /etc/ssl{,/certs} in postrm to please piuparts. (Closes:
309 -- Philipp Kern <pkern@debian.org> Thu, 27 Nov 2008 19:13:17 +0100
311 ca-certificates (20080809) unstable; urgency=low
313 * New cacert.org.pem joining both CACert Class 1 and Class 3 certificates.
314 This file can be used for proper certificate chaining if CACert
315 server certificates are used. The old class3.pem and root.pem
316 certificates are deprecated. This new file could safely serve as
317 a replacement for both. (Closes: #494343)
318 * This also reintroduces the old name for the CACert certificate,
319 thus closing a long-standing bug about its rename to root.crt.
322 -- Philipp Kern <pkern@debian.org> Sat, 09 Aug 2008 14:58:24 -0300
324 ca-certificates (20080617) unstable; urgency=low
326 * Added French Government's IGC/A CA (both DSA and RSA).
329 -- Philipp Kern <pkern@debian.org> Mon, 23 Jun 2008 20:55:53 +0200
331 ca-certificates (20080616) unstable; urgency=low
333 * Fix installation on pt_BR locales. The problem was caused by the
334 .templates choices strings being marked for translation, with pt_BR
335 being the only language which actually translated them. Thanks to
336 Ubuntu for the fix, which needs to be around until Lenny is released
337 or six months have passed, whichever is later. (Closes: #472507)
338 * Drop Fumitoshi from the list of maintainers. Farewell!
339 * Bump Standards-Version to 3.8.0.
341 -- Philipp Kern <pkern@debian.org> Mon, 16 Jun 2008 17:41:50 +0200
343 ca-certificates (20080514) unstable; urgency=medium
345 * Added the new SPI CA certificate, created in response to the latest
346 openssl security update.
347 * Removed old SPI CA certificates (2006, 2007) as CAs cannot be
348 revoked sensibly. Expired CA created in 2003, expired in 2007 left
349 around for reference.
350 * Updated the Galician translation, thanks to Glennie Vignarajah.
353 -- Philipp Kern <pkern@debian.org> Wed, 14 May 2008 10:03:42 +0200
355 ca-certificates (20080411) unstable; urgency=low
357 * Added the current SPI CA certificate, used by Debian's infrastructure.
358 * Added Deutsche Telekom Root CA 2, which is used by German institutions
360 * Updated mozilla certificates from trunk, which led to the following
361 adds (+) and removes (-):
362 + Camerfirma Chambers of Commerce Root
363 + Camerfirma Global Chambersign Root
364 + Certplus Class 2 Primary CA
365 + COMODO Certification Authority
366 + DigiCert Assured ID Root CA
367 + DigiCert Global Root CA
368 + DigiCert High Assurance EV Root CA
371 + Entrust Root Certification Authority
372 + Firmaprofesional Root CA
373 + GeoTrust Global CA 2
374 + GeoTrust Primary Certification Authority
375 + GeoTrust Universal CA
376 + GeoTrust Universal CA 2
377 + GlobalSign Root CA - R2
378 + Go Daddy Class 2 CA
379 + NetLock Business (Class B) Root
380 + NetLock Express (Class C) Root
381 + NetLock Notary (Class A) Root
382 + NetLock Qualified (Class QA) Root
387 + Starfield Class 2 CA
388 + StartCom Certification Authority
391 + SwissSign Gold CA - G2
392 + SwissSign Platinum CA - G2
393 + SwissSign Silver CA - G2
395 + thawte Primary Root CA
396 + TURKTRUST Certificate Services Provider Root 1
397 + TURKTRUST Certificate Services Provider Root 2
398 + VeriSign Class 3 Public Primary Certification Authority - G5
399 + Wells Fargo Root CA
400 + XRamp Global CA Root
401 - Verisign Class 1 Public Primary OCSP Responder
402 - Verisign Class 2 Public Primary OCSP Responder
403 - Verisign Class 3 Public Primary OCSP Responder
404 - Verisign Secure Server OCSP Responder
405 (Closes: #447062, #456581)
406 * Updated the Russian debconf translation, thanks to Mikhail Gusarov.
408 * Reworded the description and made it static to ease translations.
409 * Reworded and amended README.Debian.
410 * Added myself to the uploaders of this package.
411 * Applied a patch by Martin F. Krafft to support hooks scripts
412 on add/remove of a certificate. (Closes: #377314)
414 -- Philipp Kern <pkern@debian.org> Sat, 12 Apr 2008 17:35:26 +0200
416 ca-certificates (20070303-0.1) unstable; urgency=low
418 * Non-maintainer upload to fix longstanding pending l10n issues.
419 * Debconf templates and debian/control reviewed by the debian-l10n-
420 english team as part of the Smith review project.
421 Closes: #432249, #434789
422 * Debconf translation updates:
423 - Japanese. Closes:#433067
424 - Basque. Closes: #433074
425 - Spanish. Closes: #433078
426 - Czech. Closes: #433100
427 - Galician. Closes: #433215
428 - Russian. Closes: #433224
429 - Swedish. Closes: #433432
430 - Vietnamese. Closes: #433792, #427000, #434992
431 - Dutch. Closes: #434670
432 - German. Closes: #434788
433 - Italian. Closes: #435029
434 * Portuguese. Closes: #435471
435 * Finnish. Closes: #448826
436 * Remove /etc/ssl when purging the package (only if that
437 directory is empty). Closes: #454334
438 * [Lintian] Give a reference to the GPL text in debian/copyright
439 * [Lintian] No longer ignore errors from "make clean"
440 * [Lintian] Upgrade debhelper compatibility to 4 (with debian/compat).
442 -- Christian Perrier <bubulle@debian.org> Thu, 14 Feb 2008 19:52:37 +0100
444 ca-certificates (20070303) unstable; urgency=low
446 * Add debconf.org crt. closes: Bug#342088
447 * Add cacert class3 crt. closes: Bug#350282
448 * Add debian/po/pt.po. closes: Bug#408183
449 * Update debian/po/ru.po. closes: Bug#410770
450 * Update debian/po/pt_BR.po. closes: Bug#403824
451 * Add debian/po/gl.po. closes: Bug#407951
453 -- Fumitoshi UKAI <ukai@debian.or.jp> Sun, 4 Mar 2007 14:12:23 +0900
455 ca-certificates (20061027.2) unstable; urgency=low
457 * Non-maintainer upload to fix an RC issue revealed by the last NMU.
458 * Avoid cd to /etc/ssl/certs to removing hash symlinks
461 -- Christian Perrier <bubulle@debian.org> Fri, 2 Feb 2007 07:23:27 +0100
463 ca-certificates (20061027.1) unstable; urgency=low
465 * Non-maintainer upload to fix remaining l10n issues
466 * Debconf translation updates:
467 - Czech. Closes: #407807
468 - Spanish. Closes: #401968
469 - German. Closes: #396942
470 * Add debconf-updatepo to the clean target in debian/rules
471 to guarantee up-to-date PO(T) files
473 -- Christian Perrier <bubulle@debian.org> Mon, 22 Jan 2007 18:56:53 +0100
476 ca-certificates (20061027) unstable; urgency=low
478 * sbin/update-ca-certificates:
479 in fresh mode, rm symlinks only point to /usr/share/ca-certificates.
480 preserve other symlinks. closes: Bug#387089
481 * debian/po/nl.po: updated
483 * debian/po/fr.po: updated
485 * debian/po/da.po: updated
488 -- Fumitoshi UKAI <ukai@debian.or.jp> Sat, 28 Oct 2006 02:28:50 +0900
490 ca-certificates (20060816) unstable; urgency=low
492 * debian/control: explicitly mention that trustworthiness of certificate
493 authorities is not evaluated.
495 * debian/templates: refine messages
497 * debian/postinst: remove tailing spaces to avoid unnecessary dpkg-old file.
499 * debian/control: libssl0.9.7->libssl0.9.8
501 * debian/postrm: remove .dpkg-old files
503 * debian/README.Debian: fix
505 * debian/postinst: fix typo
507 * debian/po/sv.po: added
509 * debian/po/es.po: added
511 * add new SPI CA certificate
512 submitted by Michael C. Schultheiss <schultmc@debian.org>
514 -- Fumitoshi UKAI <ukai@debian.or.jp> Thu, 17 Aug 2006 13:12:27 +0900
516 ca-certificates (20050804) unstable; urgency=low
518 * use ${misc:Depends} in debian/control for debconf
519 * update description in debian/control
521 * update debian/po/vi.po
523 * update debian/po/de.po
526 -- Fumitoshi UKAI <ukai@debian.or.jp> Thu, 4 Aug 2005 01:29:38 +0900
528 ca-certificates (20050518) unstable; urgency=high
530 * fix ca-certificates.crt generationumask-sensitive and racy
532 * update mozilla/certdata.txt
533 add: "Certum Root CA", "Comodo AAA Services root"
534 "Comodo Secure Services root",
535 "Comodo Trusted Services root",
536 "IPS Chained CAs root", "IPS CLASE1 root", "IPS CLASE3 root",
537 "IPS CLASEA1 root", "IPS CLASEA3 root", "IPS Servidores root"
538 "IPS Timestamping root",
540 "Security Communication Root CA",
541 "Sonera Class 1 Root CA", "Sonera Class 2 Root CA",
542 "Staat der Nederlanden Root CA",
543 "TDC Internet Root CA", "TDC OCES Root CA",
544 "UTN DATACorp SGC Root CA", "UTN USERFirst Email Root CA",
545 "UTN USERFirst Hardware Root CA", "UTN USERFirst Object Root CA"
546 * add CACert.org's Root CA
547 closes: Bug#213086, Bug#288293
548 * add debian/po/vi.po
550 * add debian/po/cs.po
552 * write "How certificate will be accepted in ca-certificates package"
555 -- Fumitoshi UKAI <ukai@debian.or.jp> Wed, 18 May 2005 00:40:54 +0900
557 ca-certificates (20040809) unstable; urgency=low
559 * previous version was not fixed Bug#255933 correctly.
560 update-ca-certificates now remove symlinks of deselected entries
561 in ca-certificates.conf
564 -- Fumitoshi UKAI <ukai@debian.or.jp> Mon, 9 Aug 2004 03:23:20 +0900
566 ca-certificates (20040808) unstable; urgency=low
568 * run update-ca-certificates by /bin/sh -e
570 * update-ca-certificates remove symlinks of deselected entries
571 in ca-certificates.conf
573 * change default of trust_new_crts from 'ask' to 'yes'
574 closes: Bug#218838, Bug#221527, Bug#236675, Bug#247509
575 * refer libssl0.9.7 instead of libssl0.9.6 in Enhances:
577 * add brasil.gov.br certs
579 * add Signet CA Roots certs
581 * add QuoVadis CA Roots certs
593 * fix quote characters in template
595 * remove debian.org, because certs used in db.debian.org has been
596 revoked due to debian.org crack incidents.
597 db.debian.org uses certificates using spi-inc.org Root CA.
599 -- Fumitoshi UKAI <ukai@debian.or.jp> Sun, 8 Aug 2004 10:58:30 +0900
601 ca-certificates (20031007.1) unstable; urgency=low
604 * Add brasil.gov.br/brasil.gov.br.crt, created from
605 http://www.icpbrasil.gov.br/certificadoACRaiz.crt
606 * Add debian/po/pt_BR.po: closes: Bug#224612
608 -- Otavio Salvador <otavio@debian.org> Thu, 5 Aug 2004 12:16:26 -0300
610 ca-certificates (20031007) unstable; urgency=low
612 * add debian/po/ru.po: closes: Bug#214371
614 -- Fumitoshi UKAI <ukai@debian.or.jp> Tue, 7 Oct 2003 03:06:06 +0900
616 ca-certificates (20030924) unstable; urgency=low
618 * add debian/po/ja.po: closes: Bug#212565
620 -- Fumitoshi UKAI <ukai@debian.or.jp> Wed, 24 Sep 2003 22:09:09 +0900
622 ca-certificates (20030916) unstable; urgency=low
624 * add debian/po/fr.po: closes: Bug#211224, Bug#206769
625 * debian/config: if new cert is asked, don't ask all available certs
628 -- Fumitoshi UKAI <ukai@debian.or.jp> Wed, 17 Sep 2003 02:12:14 +0900
630 ca-certificates (20030915) unstable; urgency=low
632 * debian/config.in: fix typo. closes: Bug#190990
633 * add option for new CA certificates. closes: Bug#190989
634 * switch to gettext-based debconf templates. closes: Bug#205782
635 * update mozilla/certdata.txt from mozilla 1.4 release
637 -- Fumitoshi UKAI <ukai@debian.or.jp> Mon, 15 Sep 2003 01:15:04 +0900
639 ca-certificates (20030420) unstable; urgency=low
641 * add README.Debian and update-ca-certificates(8). closes: Bug#189604
642 * fix broken English in debconf template. closes: Bug#189606
643 * don't remove symlinks in /etc/ssl/certs. closes: Bug#189607
644 * preserve comments in /etc/ca-certificates.conf when upgrading.
647 -- Fumitoshi UKAI <ukai@debian.or.jp> Mon, 21 Apr 2003 00:06:01 +0900
649 ca-certificates (20030415) unstable; urgency=medium
651 * fix upgrade problem
652 closes: Bug#188938, Bug#188940
655 -- Fumitoshi UKAI <ukai@debian.or.jp> Mon, 14 Apr 2003 23:00:58 +0900
657 ca-certificates (20030414) unstable; urgency=medium
659 * certificates are installed in /usr/share/ca-certificates
660 you can find md5sum of certs files. closes: Bug#170777
662 * debconf to generate /etc/ca-certificates.conf
663 * update-ca-certificates update /etc/ssl/certs according
664 /etc/ca-certificates.conf
665 It also generate /etc/ssl/certs/ca-certificates.crt
666 which is single-file version of certs.
669 * change extension from .pem to .crt in /usr/share/ca-certificates
671 application/x-x509-ca-cert crt
672 but it will be hardlink or copied in /etc/ssl/certs with .pem
673 extension by update-ca-certificates.
674 c_rehash requires .pem extension
676 * Update certificate from mozilla 2:1.3-4
677 mozilla/security/nss/lib/ckfw/builtins/certdata.txt
678 cefd05b299ea683fc6b1ce9ff1e23a3f mozilla/certdata.txt
680 * Add spi-inc.org/spi-ca.crt from http://www.spi-inc.org/secretary/
681 33922a1660820e44812e7ddc392878cb spi-inc.org/spi-ca.crt
682 % openssl x509 -in spi-inc.org/spi-ca.crt -fingerprint -noout
683 MD5 Fingerprint=ED:85:3A:FD:32:43:13:73:91:4D:94:06:C4:10:EB:E5
685 -- Fumitoshi UKAI <ukai@debian.or.jp> Mon, 14 Apr 2003 00:02:48 +0900
687 ca-certificates (20020323) unstable; urgency=low
689 * Moved from non-US to main now that openssl has moved there.
691 -- Fumitoshi UKAI <ukai@debian.or.jp> Sun, 24 Mar 2002 03:11:54 +0900
693 ca-certificates (20020208) unstable; urgency=low
695 * add db.debian.org certificate
697 -- Fumitoshi UKAI <ukai@debian.or.jp> Fri, 8 Feb 2002 23:46:11 +0900
699 ca-certificates (20020112) unstable; urgency=low
701 * upload to non-US instead of main, because it depends on openssl
702 (it uses c_rehash in openssl in maintainer scripts)
704 -- Fumitoshi UKAI <ukai@debian.or.jp> Sun, 13 Jan 2002 04:30:28 +0900
706 ca-certificates (20020107) unstable; urgency=low
708 * Initial Release. closes: Bug#126586
710 -- Fumitoshi UKAI <ukai@debian.or.jp> Mon, 7 Jan 2002 21:16:51 +0900