1 ca-certificates (20111025.4) UNRELEASED; urgency=low
3 * Clarify CA audit note in package description and README.debian. Thanks
4 to C.J. Adams-Collier for the patch. Closes: #594383
5 * Remove French Government IGC/A CA certificates. The RSA certificate is
6 included in the Mozilla bundle and the DSA certificate is not in use.
8 * Remove expired signet.pl CAs. Closes: #647849
9 * Remove expired brasil.gov.br CA.
10 * Edit 20111025 changelog/NEWS entries to correctly list installed CAs
11 * Use 'set -e' in body of debian/postinst
12 * Update mozilla/certdata.txt to primary Mozilla repository version 1.80
13 (no added/removed CAs)
15 -- Michael Shuler <michael@pbandjelly.org> Sun, 11 Dec 2011 15:00:20 -0600
17 ca-certificates (20111025) unstable; urgency=low
20 * Add 3.0 (native) source format
21 * Add Vcs-Git/Browser fields
22 * Add myself as new Maintainer with Uploaders Closes: #588219
23 * Update mozilla/certdata.txt to latest (NSS branch version 1.64.2.13)
24 Certificates added (+) and removed (-):
25 + "AffirmTrust Commercial"
26 + "AffirmTrust Networking"
27 + "AffirmTrust Premium"
28 + "AffirmTrust Premium ECC"
30 + "Certinomis - Autorité Racine"
31 + "Certum Trusted Network CA"
32 + "Go Daddy Root Certificate Authority - G2"
33 + "Root CA Generalitat Valenciana"
34 + "Starfield Root Certificate Authority - G2"
35 + "Starfield Services Root Certificate Authority - G2"
36 + "TWCA Root Certification Authority"
37 - "AOL Time Warner Root Certification Authority 1"
38 - "AOL Time Warner Root Certification Authority 2"
40 - "Entrust.net Global Secure Personal CA"
41 - "Entrust.net Global Secure Server CA"
42 - "Entrust.net Secure Personal CA"
43 - "IPS Chained CAs root"
48 - "IPS Timestamping root"
49 - "Thawte Personal Freemail CA"
50 - "Thawte Time Stamping CA"
51 * Update CAcert-Class 3-Subroot-certificate Closes: #630232
54 * sbin/update-ca-certificates: move the ca-certificates.crt bundle out of
55 the way before calling c_rehash, so that symlinks don't accidentally get
56 pointed here, breaking openssl certificate verification LP: #854927
59 * Drop bogus c_rehash on upgrades, which caused issue when
60 ca-certificates.crt was still in place; instead, call
61 update-ca-certificates --fresh on upgrades to this version, and
62 the usual update-ca-certificates otherwise Closes: #643667, #537382
64 -- Michael Shuler <michael@pbandjelly.org> Tue, 25 Oct 2011 09:12:10 -0500
66 ca-certificates (20111022) unstable; urgency=low
69 * Fix pending l10n issues. Debconf translations:
70 - German (Helge Kreutzmann). Closes: #634000
71 - French (Christian Perrier). Closes: #634092
72 - Russian (Yuri Kozlov). Closes: #635146
73 - Swedish (Martin Bagge / brother). Closes: #640622
74 - Slovak (Slavko). Closes: #641987
75 - Spanish; (Javier Fernández-Sanguino). Closes: #642359
76 - Japanese (Kenshi Muto). Closes: #644828
77 - Czech (Miroslav Kure). Closes: #644843
78 - Danish (Joe Hansen). Closes: #644854
79 - Italian (Luca Monducci). Closes: #645004
80 - Dutch; (Jeroen Schot). Closes: #645090
81 - Portuguese (Miguel Figueiredo). Closes: #645126
82 - Galician (Jorge Barreiro). Closes: #645138
83 - Catalan; (Jordi Mallach). Closes: #645182
84 - Brazilian Portuguese (Adriano Rafael Gomes). Closes: #645526
85 * Split Choices in debconf templates
86 * Add build-arch and build-indep build targets
87 * Bump debhelper compatibility level to 8
88 * Bump Standards to 3.9.2 (checked)
89 * Replace "dh_clean -k" by dh_prep
91 -- Christian Perrier <bubulle@debian.org> Sat, 22 Oct 2011 14:24:00 +0200
93 ca-certificates (20110502+nmu1) unstable; urgency=high
95 * Non-maintainer upload by the Security Team.
96 * Blacklist "DigiNotar Root CA" (Closes: #639744)
98 -- Raphael Geissert <geissert@debian.org> Tue, 30 Aug 2011 21:00:55 -0500
100 ca-certificates (20110502) unstable; urgency=low
103 * Mark the package as multi-arch:foreign. (Closes: #622323)
104 * Use db_settitle in config script to allow translations of the
105 dialog title; thanks to Frans Pop. (Closes: #560314)
107 -- Philipp Kern <pkern@debian.org> Mon, 02 May 2011 19:27:50 +0200
109 ca-certificates (20110421) unstable; urgency=low
112 * Package is orphaned, set maintainer to QA group
113 * Depend on openssl 1.0.0 and force a call of c_rehash so that we have
114 both the old and new style of symlinks. (Closes: #611102)
115 * Remove libssl0.9.8 from enhances
116 * Update mozilla certdata.txt file to the latest version.
118 - ABAecom_=sub.__Am._Bankers_Assn.=_Root_CA.crt
119 - beTRUSTed_Root_CA-Baltimore_Implementation.crt
120 - beTRUSTed_Root_CA.crt
121 - beTRUSTed_Root_CA_-_Entrust_Implementation.crt
122 - beTRUSTed_Root_CA_-_RSA_Implementation.crt
123 - Digital_Signature_Trust_Co._Global_CA_2.crt
124 - Digital_Signature_Trust_Co._Global_CA_4.crt
125 - Entrust.net_Global_Secure_Personal_CA.crt
126 - Entrust.net_Global_Secure_Server_CA.crt
127 - Entrust.net_Secure_Personal_CA.crt
128 - GTE_CyberTrust_Root_CA.crt
129 - IPS_Chained_CAs_root.crt
130 - IPS_CLASE1_root.crt
131 - IPS_CLASE3_root.crt
132 - IPS_CLASEA1_root.crt
133 - IPS_CLASEA3_root.crt
134 - IPS_Servidores_root.crt
135 - IPS_Timestamping_root.crt
136 - RSA_Security_1024_v3.crt
138 - Thawte_Personal_Basic_CA.crt
139 - Thawte_Personal_Premium_CA.crt
140 - UTN-USER_First-Network_Applications.crt
141 - Verisign_RSA_Secure_Server_CA.crt
142 - Verisign_Time_Stamping_Authority_CA.crt
143 - Visa_International_Global_Root_2.crt
146 - AC_Raíz_Certicámara_S.A..crt
147 - ApplicationCA_-_Japanese_Government.crt
148 - Autoridad_de_Certificacion_Firmaprofesional_CIF_A62634068.crt
149 - Buypass_Class_2_CA_1.crt
150 - Buypass_Class_3_CA_1.crt
153 - certSIGN_ROOT_CA.crt
154 - Chambers_of_Commerce_Root_-_2008.crt
157 - ComSign_Secured_CA.crt
158 - Cybertrust_Global_Root.crt
159 - Deutsche_Telekom_Root_CA_2.crt
160 - EBG_Elektronik_Sertifika_Hizmet_Sağlayıcısı.crt
161 - E-Guven_Kok_Elektronik_Sertifika_Hizmet_Saglayicisi.crt
162 - ePKI_Root_Certification_Authority.crt
163 - GeoTrust_Primary_Certification_Authority_-_G2.crt
164 - GeoTrust_Primary_Certification_Authority_-_G3.crt
165 - Global_Chambersign_Root_-_2008.crt
166 - GlobalSign_Root_CA_-_R3.crt
167 - Hongkong_Post_Root_CA_1.crt
171 - Microsec_e-Szigno_Root_CA_2009.crt
172 - Microsec_e-Szigno_Root_CA.crt
173 - NetLock_Arany_=Class_Gold=_Főtanúsítvány.crt
174 - OISTE_WISeKey_Global_Root_GA_CA.crt
175 - SecureSign_RootCA11.crt
176 - Security_Communication_EV_RootCA1.crt
177 - Staat_der_Nederlanden_Root_CA_-_G2.crt
178 - S-TRUST_Authentication_and_Encryption_Root_CA_2005_PN.crt
179 - TÜBİTAK_UEKAE_Kök_Sertifika_Hizmet_Sağlayıcısı_-_Sürüm_3.crt
180 - TC_TrustCenter_Class_2_CA_II.crt
181 - TC_TrustCenter_Class_3_CA_II.crt
182 - TC_TrustCenter_Universal_CA_I.crt
183 - TC_TrustCenter_Universal_CA_III.crt
184 - thawte_Primary_Root_CA_-_G2.crt
185 - thawte_Primary_Root_CA_-_G3.crt
186 - VeriSign_Class_3_Public_Primary_Certification_Authority_-_G4.crt
187 - VeriSign_Universal_Root_Certification_Authority.crt
189 - Verisign_Class_1_Public_Primary_Certification_Authority.crt
190 - Verisign_Class_3_Public_Primary_Certification_Authority.crt
191 * Remove telesec.de/deutsche-telekom-root-ca-2.crt, now in mozilla.
192 * String decode the mozilla certdata.txt so the filenames show up as
193 proper UTF-8 strings.
195 -- Kurt Roeckx <kurt@roeckx.be> Thu, 21 Apr 2011 18:56:08 +0200
197 ca-certificates (20090814+nmu3) unstable; urgency=low
199 * Non-maintainer upload.
200 * Fix pending l10n issues. Debconf translations:
201 - French (Christian Perrier). Closes: #594231
202 - Danish (Joe Hansen). Closes: #601129
203 - Catalan (Jordi Mallach). Closes: #601089
204 - Brazilian Portuguese (Adriano Rafael Gomes). Closes: #618633
206 -- Christian Perrier <bubulle@debian.org> Sat, 19 Mar 2011 07:47:00 +0100
208 ca-certificates (20090814+nmu2) unstable; urgency=low
210 * Non-maintainer upload.
211 * Fixes buggy shell functions included in the postinst script.
214 -- Maximiliano Curia <maxy@debian.org> Fri, 13 Aug 2010 20:16:21 -0300
216 ca-certificates (20090814+nmu1) unstable; urgency=low
218 * Non-maintainer upload.
219 * Preserve user changes to the /etc/ca-certificates.conf.
222 -- Maximiliano Curia <maxy@debian.org> Fri, 30 Jul 2010 12:55:28 -0400
224 ca-certificates (20090814) unstable; urgency=low
226 * Call Debconf and its db_purge as early as possible in postrm.
229 -- Philipp Kern <pkern@debian.org> Fri, 14 Aug 2009 11:10:00 +0200
231 ca-certificates (20090709) unstable; urgency=low
233 * Fix purge by checking for `/etc/ssl/certs' first. (Closes: #536331)
235 -- Philipp Kern <pkern@debian.org> Thu, 09 Jul 2009 10:35:39 +0200
237 ca-certificates (20090708) unstable; urgency=low
240 - cacert.org/root.crt and cacert.org/class3.crt:
241 Both certificate files were deprecated with 20080809. Users of these
242 root certificates are encouraged to switch to
243 `cacert.org/cacert.org.crt' which contains both class 1 and class 3
244 roots joined in a single file.
245 - quovadis.bm/QuoVadis_Root_Certification_Authority.crt:
246 This certificate has been added into the Mozilla truststore and
247 is available as `mozilla/QuoVadis_Root_CA.crt'.
248 * Do not redirect c_rehash error messages to /dev/null.
250 * Remove dangling symlinks on purge, which also gets rid of the hash
251 symlink for ca-certificates.crt. (Closes: #475240)
252 * Use subshells when grepping for certificates in config, avoiding
253 SIGPIPE because of grep's immediate exit after it finds the pattern.
255 * Fix VERBOSE_ARG usage in update-ca-certificates. Thanks to
256 Robby Workman of Slackware.
257 * Updated Standards-Version and FSF portal address in the copyright file.
259 -- Philipp Kern <pkern@debian.org> Wed, 08 Jul 2009 23:19:56 +0200
261 ca-certificates (20090701) unstable; urgency=low
263 * Reactivated "Equifax Secure Global eBusiness CA". (Closes: #534674)
264 Rationale: The rogue collision CA has its validity period in the past.
265 Thus it does not impose a risk upon us at the moment.
266 * Restrict search for local certificates to add on files ending with '.crt'.
267 * Canonicalize PEM names by applying the same set of substitions to
268 local and other certificates like the Mozilla certdata dumper does.
270 -- Philipp Kern <pkern@debian.org> Wed, 01 Jul 2009 14:50:00 +0200
272 ca-certificates (20090624) unstable; urgency=low
274 * Allow local certificate installation. All certificates found
275 in `/usr/local/share/ca-certificates' will be automatically added
276 to the list of trusted certificates in `/etc/ssl/certs'.
277 (Closes: #352637, #419491, #473677, #476663, #511150)
278 * Updated Mozilla certificates from nss 3.12.3-1 (certdata.txt revision
280 + COMODO ECC Certification Authority
282 + Network Solutions Certificate Authority
283 + WellsSecure Public Root Certificate Authority
284 - Equifax Secure Global eBusiness CA
285 - UTN USERFirst Object Root CA
286 * Reimplemented the Mozilla certdata parser mainly to exclude explicitly
287 untrusted certificates. This led to the exclusion of the
288 "MD5 Collisions Forged Rogue CA 23c3" and its parent
289 "Equifax Secure Global eBusiness CA". Furthermore code signing-only
290 certificates are no longer included neither.
291 * Remove the purging of old PEM files in postinst dating back to
292 versions earlier than 20030414.
293 * Hooks are now called at every invocation of `update-ca-certificates'.
294 If no changes were done to `/etc/ssl/certs', the input for the
295 hooks will be empty, though. Failure exit codes of hooks will not
296 tear down the upgrade process anymore. They are printed but ignored.
298 -- Philipp Kern <pkern@debian.org> Tue, 24 Jun 2009 21:04:08 +0200
300 ca-certificates (20081127) unstable; urgency=low
302 * Remove /etc/ssl{,/certs} in postrm to please piuparts. (Closes:
305 -- Philipp Kern <pkern@debian.org> Thu, 27 Nov 2008 19:13:17 +0100
307 ca-certificates (20080809) unstable; urgency=low
309 * New cacert.org.pem joining both CACert Class 1 and Class 3 certificates.
310 This file can be used for proper certificate chaining if CACert
311 server certificates are used. The old class3.pem and root.pem
312 certificates are deprecated. This new file could safely serve as
313 a replacement for both. (Closes: #494343)
314 * This also reintroduces the old name for the CACert certificate,
315 thus closing a long-standing bug about its rename to root.crt.
318 -- Philipp Kern <pkern@debian.org> Sat, 09 Aug 2008 14:58:24 -0300
320 ca-certificates (20080617) unstable; urgency=low
322 * Added French Government's IGC/A CA (both DSA and RSA).
325 -- Philipp Kern <pkern@debian.org> Mon, 23 Jun 2008 20:55:53 +0200
327 ca-certificates (20080616) unstable; urgency=low
329 * Fix installation on pt_BR locales. The problem was caused by the
330 .templates choices strings being marked for translation, with pt_BR
331 being the only language which actually translated them. Thanks to
332 Ubuntu for the fix, which needs to be around until Lenny is released
333 or six months have passed, whichever is later. (Closes: #472507)
334 * Drop Fumitoshi from the list of maintainers. Farewell!
335 * Bump Standards-Version to 3.8.0.
337 -- Philipp Kern <pkern@debian.org> Mon, 16 Jun 2008 17:41:50 +0200
339 ca-certificates (20080514) unstable; urgency=medium
341 * Added the new SPI CA certificate, created in response to the latest
342 openssl security update.
343 * Removed old SPI CA certificates (2006, 2007) as CAs cannot be
344 revoked sensibly. Expired CA created in 2003, expired in 2007 left
345 around for reference.
346 * Updated the Galician translation, thanks to Glennie Vignarajah.
349 -- Philipp Kern <pkern@debian.org> Wed, 14 May 2008 10:03:42 +0200
351 ca-certificates (20080411) unstable; urgency=low
353 * Added the current SPI CA certificate, used by Debian's infrastructure.
354 * Added Deutsche Telekom Root CA 2, which is used by German institutions
356 * Updated mozilla certificates from trunk, which led to the following
357 adds (+) and removes (-):
358 + Camerfirma Chambers of Commerce Root
359 + Camerfirma Global Chambersign Root
360 + Certplus Class 2 Primary CA
361 + COMODO Certification Authority
362 + DigiCert Assured ID Root CA
363 + DigiCert Global Root CA
364 + DigiCert High Assurance EV Root CA
367 + Entrust Root Certification Authority
368 + Firmaprofesional Root CA
369 + GeoTrust Global CA 2
370 + GeoTrust Primary Certification Authority
371 + GeoTrust Universal CA
372 + GeoTrust Universal CA 2
373 + GlobalSign Root CA - R2
374 + Go Daddy Class 2 CA
375 + NetLock Business (Class B) Root
376 + NetLock Express (Class C) Root
377 + NetLock Notary (Class A) Root
378 + NetLock Qualified (Class QA) Root
383 + Starfield Class 2 CA
384 + StartCom Certification Authority
387 + SwissSign Gold CA - G2
388 + SwissSign Platinum CA - G2
389 + SwissSign Silver CA - G2
391 + thawte Primary Root CA
392 + TURKTRUST Certificate Services Provider Root 1
393 + TURKTRUST Certificate Services Provider Root 2
394 + VeriSign Class 3 Public Primary Certification Authority - G5
395 + Wells Fargo Root CA
396 + XRamp Global CA Root
397 - Verisign Class 1 Public Primary OCSP Responder
398 - Verisign Class 2 Public Primary OCSP Responder
399 - Verisign Class 3 Public Primary OCSP Responder
400 - Verisign Secure Server OCSP Responder
401 (Closes: #447062, #456581)
402 * Updated the Russian debconf translation, thanks to Mikhail Gusarov.
404 * Reworded the description and made it static to ease translations.
405 * Reworded and amended README.Debian.
406 * Added myself to the uploaders of this package.
407 * Applied a patch by Martin F. Krafft to support hooks scripts
408 on add/remove of a certificate. (Closes: #377314)
410 -- Philipp Kern <pkern@debian.org> Sat, 12 Apr 2008 17:35:26 +0200
412 ca-certificates (20070303-0.1) unstable; urgency=low
414 * Non-maintainer upload to fix longstanding pending l10n issues.
415 * Debconf templates and debian/control reviewed by the debian-l10n-
416 english team as part of the Smith review project.
417 Closes: #432249, #434789
418 * Debconf translation updates:
419 - Japanese. Closes:#433067
420 - Basque. Closes: #433074
421 - Spanish. Closes: #433078
422 - Czech. Closes: #433100
423 - Galician. Closes: #433215
424 - Russian. Closes: #433224
425 - Swedish. Closes: #433432
426 - Vietnamese. Closes: #433792, #427000, #434992
427 - Dutch. Closes: #434670
428 - German. Closes: #434788
429 - Italian. Closes: #435029
430 * Portuguese. Closes: #435471
431 * Finnish. Closes: #448826
432 * Remove /etc/ssl when purging the package (only if that
433 directory is empty). Closes: #454334
434 * [Lintian] Give a reference to the GPL text in debian/copyright
435 * [Lintian] No longer ignore errors from "make clean"
436 * [Lintian] Upgrade debhelper compatibility to 4 (with debian/compat).
438 -- Christian Perrier <bubulle@debian.org> Thu, 14 Feb 2008 19:52:37 +0100
440 ca-certificates (20070303) unstable; urgency=low
442 * Add debconf.org crt. closes: Bug#342088
443 * Add cacert class3 crt. closes: Bug#350282
444 * Add debian/po/pt.po. closes: Bug#408183
445 * Update debian/po/ru.po. closes: Bug#410770
446 * Update debian/po/pt_BR.po. closes: Bug#403824
447 * Add debian/po/gl.po. closes: Bug#407951
449 -- Fumitoshi UKAI <ukai@debian.or.jp> Sun, 4 Mar 2007 14:12:23 +0900
451 ca-certificates (20061027.2) unstable; urgency=low
453 * Non-maintainer upload to fix an RC issue revealed by the last NMU.
454 * Avoid cd to /etc/ssl/certs to removing hash symlinks
457 -- Christian Perrier <bubulle@debian.org> Fri, 2 Feb 2007 07:23:27 +0100
459 ca-certificates (20061027.1) unstable; urgency=low
461 * Non-maintainer upload to fix remaining l10n issues
462 * Debconf translation updates:
463 - Czech. Closes: #407807
464 - Spanish. Closes: #401968
465 - German. Closes: #396942
466 * Add debconf-updatepo to the clean target in debian/rules
467 to guarantee up-to-date PO(T) files
469 -- Christian Perrier <bubulle@debian.org> Mon, 22 Jan 2007 18:56:53 +0100
472 ca-certificates (20061027) unstable; urgency=low
474 * sbin/update-ca-certificates:
475 in fresh mode, rm symlinks only point to /usr/share/ca-certificates.
476 preserve other symlinks. closes: Bug#387089
477 * debian/po/nl.po: updated
479 * debian/po/fr.po: updated
481 * debian/po/da.po: updated
484 -- Fumitoshi UKAI <ukai@debian.or.jp> Sat, 28 Oct 2006 02:28:50 +0900
486 ca-certificates (20060816) unstable; urgency=low
488 * debian/control: explicitly mention that trustworthiness of certificate
489 authorities is not evaluated.
491 * debian/templates: refine messages
493 * debian/postinst: remove tailing spaces to avoid unnecessary dpkg-old file.
495 * debian/control: libssl0.9.7->libssl0.9.8
497 * debian/postrm: remove .dpkg-old files
499 * debian/README.Debian: fix
501 * debian/postinst: fix typo
503 * debian/po/sv.po: added
505 * debian/po/es.po: added
507 * add new SPI CA certificate
508 submitted by Michael C. Schultheiss <schultmc@debian.org>
510 -- Fumitoshi UKAI <ukai@debian.or.jp> Thu, 17 Aug 2006 13:12:27 +0900
512 ca-certificates (20050804) unstable; urgency=low
514 * use ${misc:Depends} in debian/control for debconf
515 * update description in debian/control
517 * update debian/po/vi.po
519 * update debian/po/de.po
522 -- Fumitoshi UKAI <ukai@debian.or.jp> Thu, 4 Aug 2005 01:29:38 +0900
524 ca-certificates (20050518) unstable; urgency=high
526 * fix ca-certificates.crt generationumask-sensitive and racy
528 * update mozilla/certdata.txt
529 add: "Certum Root CA", "Comodo AAA Services root"
530 "Comodo Secure Services root",
531 "Comodo Trusted Services root",
532 "IPS Chained CAs root", "IPS CLASE1 root", "IPS CLASE3 root",
533 "IPS CLASEA1 root", "IPS CLASEA3 root", "IPS Servidores root"
534 "IPS Timestamping root",
536 "Security Communication Root CA",
537 "Sonera Class 1 Root CA", "Sonera Class 2 Root CA",
538 "Staat der Nederlanden Root CA",
539 "TDC Internet Root CA", "TDC OCES Root CA",
540 "UTN DATACorp SGC Root CA", "UTN USERFirst Email Root CA",
541 "UTN USERFirst Hardware Root CA", "UTN USERFirst Object Root CA"
542 * add CACert.org's Root CA
543 closes: Bug#213086, Bug#288293
544 * add debian/po/vi.po
546 * add debian/po/cs.po
548 * write "How certificate will be accepted in ca-certificates package"
551 -- Fumitoshi UKAI <ukai@debian.or.jp> Wed, 18 May 2005 00:40:54 +0900
553 ca-certificates (20040809) unstable; urgency=low
555 * previous version was not fixed Bug#255933 correctly.
556 update-ca-certificates now remove symlinks of deselected entries
557 in ca-certificates.conf
560 -- Fumitoshi UKAI <ukai@debian.or.jp> Mon, 9 Aug 2004 03:23:20 +0900
562 ca-certificates (20040808) unstable; urgency=low
564 * run update-ca-certificates by /bin/sh -e
566 * update-ca-certificates remove symlinks of deselected entries
567 in ca-certificates.conf
569 * change default of trust_new_crts from 'ask' to 'yes'
570 closes: Bug#218838, Bug#221527, Bug#236675, Bug#247509
571 * refer libssl0.9.7 instead of libssl0.9.6 in Enhances:
573 * add brasil.gov.br certs
575 * add Signet CA Roots certs
577 * add QuoVadis CA Roots certs
589 * fix quote characters in template
591 * remove debian.org, because certs used in db.debian.org has been
592 revoked due to debian.org crack incidents.
593 db.debian.org uses certificates using spi-inc.org Root CA.
595 -- Fumitoshi UKAI <ukai@debian.or.jp> Sun, 8 Aug 2004 10:58:30 +0900
597 ca-certificates (20031007.1) unstable; urgency=low
600 * Add brasil.gov.br/brasil.gov.br.crt, created from
601 http://www.icpbrasil.gov.br/certificadoACRaiz.crt
602 * Add debian/po/pt_BR.po: closes: Bug#224612
604 -- Otavio Salvador <otavio@debian.org> Thu, 5 Aug 2004 12:16:26 -0300
606 ca-certificates (20031007) unstable; urgency=low
608 * add debian/po/ru.po: closes: Bug#214371
610 -- Fumitoshi UKAI <ukai@debian.or.jp> Tue, 7 Oct 2003 03:06:06 +0900
612 ca-certificates (20030924) unstable; urgency=low
614 * add debian/po/ja.po: closes: Bug#212565
616 -- Fumitoshi UKAI <ukai@debian.or.jp> Wed, 24 Sep 2003 22:09:09 +0900
618 ca-certificates (20030916) unstable; urgency=low
620 * add debian/po/fr.po: closes: Bug#211224, Bug#206769
621 * debian/config: if new cert is asked, don't ask all available certs
624 -- Fumitoshi UKAI <ukai@debian.or.jp> Wed, 17 Sep 2003 02:12:14 +0900
626 ca-certificates (20030915) unstable; urgency=low
628 * debian/config.in: fix typo. closes: Bug#190990
629 * add option for new CA certificates. closes: Bug#190989
630 * switch to gettext-based debconf templates. closes: Bug#205782
631 * update mozilla/certdata.txt from mozilla 1.4 release
633 -- Fumitoshi UKAI <ukai@debian.or.jp> Mon, 15 Sep 2003 01:15:04 +0900
635 ca-certificates (20030420) unstable; urgency=low
637 * add README.Debian and update-ca-certificates(8). closes: Bug#189604
638 * fix broken English in debconf template. closes: Bug#189606
639 * don't remove symlinks in /etc/ssl/certs. closes: Bug#189607
640 * preserve comments in /etc/ca-certificates.conf when upgrading.
643 -- Fumitoshi UKAI <ukai@debian.or.jp> Mon, 21 Apr 2003 00:06:01 +0900
645 ca-certificates (20030415) unstable; urgency=medium
647 * fix upgrade problem
648 closes: Bug#188938, Bug#188940
651 -- Fumitoshi UKAI <ukai@debian.or.jp> Mon, 14 Apr 2003 23:00:58 +0900
653 ca-certificates (20030414) unstable; urgency=medium
655 * certificates are installed in /usr/share/ca-certificates
656 you can find md5sum of certs files. closes: Bug#170777
658 * debconf to generate /etc/ca-certificates.conf
659 * update-ca-certificates update /etc/ssl/certs according
660 /etc/ca-certificates.conf
661 It also generate /etc/ssl/certs/ca-certificates.crt
662 which is single-file version of certs.
665 * change extension from .pem to .crt in /usr/share/ca-certificates
667 application/x-x509-ca-cert crt
668 but it will be hardlink or copied in /etc/ssl/certs with .pem
669 extension by update-ca-certificates.
670 c_rehash requires .pem extension
672 * Update certificate from mozilla 2:1.3-4
673 mozilla/security/nss/lib/ckfw/builtins/certdata.txt
674 cefd05b299ea683fc6b1ce9ff1e23a3f mozilla/certdata.txt
676 * Add spi-inc.org/spi-ca.crt from http://www.spi-inc.org/secretary/
677 33922a1660820e44812e7ddc392878cb spi-inc.org/spi-ca.crt
678 % openssl x509 -in spi-inc.org/spi-ca.crt -fingerprint -noout
679 MD5 Fingerprint=ED:85:3A:FD:32:43:13:73:91:4D:94:06:C4:10:EB:E5
681 -- Fumitoshi UKAI <ukai@debian.or.jp> Mon, 14 Apr 2003 00:02:48 +0900
683 ca-certificates (20020323) unstable; urgency=low
685 * Moved from non-US to main now that openssl has moved there.
687 -- Fumitoshi UKAI <ukai@debian.or.jp> Sun, 24 Mar 2002 03:11:54 +0900
689 ca-certificates (20020208) unstable; urgency=low
691 * add db.debian.org certificate
693 -- Fumitoshi UKAI <ukai@debian.or.jp> Fri, 8 Feb 2002 23:46:11 +0900
695 ca-certificates (20020112) unstable; urgency=low
697 * upload to non-US instead of main, because it depends on openssl
698 (it uses c_rehash in openssl in maintainer scripts)
700 -- Fumitoshi UKAI <ukai@debian.or.jp> Sun, 13 Jan 2002 04:30:28 +0900
702 ca-certificates (20020107) unstable; urgency=low
704 * Initial Release. closes: Bug#126586
706 -- Fumitoshi UKAI <ukai@debian.or.jp> Mon, 7 Jan 2002 21:16:51 +0900