1 ca-certificates (20111211) unstable; urgency=low
3 * Clarify CA audit note in package description and README.debian. Thanks
4 to C.J. Adams-Collier for the patch. Closes: #594383
5 * Remove French Government IGC/A CA certificates. The RSA certificate is
6 included in the Mozilla bundle and the DSA certificate is not in use.
8 * Remove expired signet.pl CAs. Closes: #647849
9 * Remove expired brasil.gov.br CA.
10 * Edit 20111025 changelog/NEWS entries to correctly list installed CAs
11 * Use 'set -e' in body of debian/postinst
12 * Update mozilla/certdata.txt to version 1.80
13 (no added/removed CAs)
14 * Update mozilla/certdata2pem.py to parse NETSCAPE or NSS data
16 -- Michael Shuler <michael@pbandjelly.org> Sun, 11 Dec 2011 19:05:32 -0600
18 ca-certificates (20111025) unstable; urgency=low
21 * Add 3.0 (native) source format
22 * Add Vcs-Git/Browser fields
23 * Add myself as new Maintainer with Uploaders Closes: #588219
24 * Update mozilla/certdata.txt to latest (NSS branch version 1.64.2.13)
25 Certificates added (+) and removed (-):
26 + "AffirmTrust Commercial"
27 + "AffirmTrust Networking"
28 + "AffirmTrust Premium"
29 + "AffirmTrust Premium ECC"
31 + "Certinomis - Autorité Racine"
32 + "Certum Trusted Network CA"
33 + "Go Daddy Root Certificate Authority - G2"
34 + "Root CA Generalitat Valenciana"
35 + "Starfield Root Certificate Authority - G2"
36 + "Starfield Services Root Certificate Authority - G2"
37 + "TWCA Root Certification Authority"
38 - "AOL Time Warner Root Certification Authority 1"
39 - "AOL Time Warner Root Certification Authority 2"
41 - "Entrust.net Global Secure Personal CA"
42 - "Entrust.net Global Secure Server CA"
43 - "Entrust.net Secure Personal CA"
44 - "IPS Chained CAs root"
49 - "IPS Timestamping root"
50 - "Thawte Personal Freemail CA"
51 - "Thawte Time Stamping CA"
52 * Update CAcert-Class 3-Subroot-certificate Closes: #630232
55 * sbin/update-ca-certificates: move the ca-certificates.crt bundle out of
56 the way before calling c_rehash, so that symlinks don't accidentally get
57 pointed here, breaking openssl certificate verification LP: #854927
60 * Drop bogus c_rehash on upgrades, which caused issue when
61 ca-certificates.crt was still in place; instead, call
62 update-ca-certificates --fresh on upgrades to this version, and
63 the usual update-ca-certificates otherwise Closes: #643667, #537382
65 -- Michael Shuler <michael@pbandjelly.org> Tue, 25 Oct 2011 09:12:10 -0500
67 ca-certificates (20111022) unstable; urgency=low
70 * Fix pending l10n issues. Debconf translations:
71 - German (Helge Kreutzmann). Closes: #634000
72 - French (Christian Perrier). Closes: #634092
73 - Russian (Yuri Kozlov). Closes: #635146
74 - Swedish (Martin Bagge / brother). Closes: #640622
75 - Slovak (Slavko). Closes: #641987
76 - Spanish; (Javier Fernández-Sanguino). Closes: #642359
77 - Japanese (Kenshi Muto). Closes: #644828
78 - Czech (Miroslav Kure). Closes: #644843
79 - Danish (Joe Hansen). Closes: #644854
80 - Italian (Luca Monducci). Closes: #645004
81 - Dutch; (Jeroen Schot). Closes: #645090
82 - Portuguese (Miguel Figueiredo). Closes: #645126
83 - Galician (Jorge Barreiro). Closes: #645138
84 - Catalan; (Jordi Mallach). Closes: #645182
85 - Brazilian Portuguese (Adriano Rafael Gomes). Closes: #645526
86 * Split Choices in debconf templates
87 * Add build-arch and build-indep build targets
88 * Bump debhelper compatibility level to 8
89 * Bump Standards to 3.9.2 (checked)
90 * Replace "dh_clean -k" by dh_prep
92 -- Christian Perrier <bubulle@debian.org> Sat, 22 Oct 2011 14:24:00 +0200
94 ca-certificates (20110502+nmu1) unstable; urgency=high
96 * Non-maintainer upload by the Security Team.
97 * Blacklist "DigiNotar Root CA" (Closes: #639744)
99 -- Raphael Geissert <geissert@debian.org> Tue, 30 Aug 2011 21:00:55 -0500
101 ca-certificates (20110502) unstable; urgency=low
104 * Mark the package as multi-arch:foreign. (Closes: #622323)
105 * Use db_settitle in config script to allow translations of the
106 dialog title; thanks to Frans Pop. (Closes: #560314)
108 -- Philipp Kern <pkern@debian.org> Mon, 02 May 2011 19:27:50 +0200
110 ca-certificates (20110421) unstable; urgency=low
113 * Package is orphaned, set maintainer to QA group
114 * Depend on openssl 1.0.0 and force a call of c_rehash so that we have
115 both the old and new style of symlinks. (Closes: #611102)
116 * Remove libssl0.9.8 from enhances
117 * Update mozilla certdata.txt file to the latest version.
119 - ABAecom_=sub.__Am._Bankers_Assn.=_Root_CA.crt
120 - beTRUSTed_Root_CA-Baltimore_Implementation.crt
121 - beTRUSTed_Root_CA.crt
122 - beTRUSTed_Root_CA_-_Entrust_Implementation.crt
123 - beTRUSTed_Root_CA_-_RSA_Implementation.crt
124 - Digital_Signature_Trust_Co._Global_CA_2.crt
125 - Digital_Signature_Trust_Co._Global_CA_4.crt
126 - Entrust.net_Global_Secure_Personal_CA.crt
127 - Entrust.net_Global_Secure_Server_CA.crt
128 - Entrust.net_Secure_Personal_CA.crt
129 - GTE_CyberTrust_Root_CA.crt
130 - IPS_Chained_CAs_root.crt
131 - IPS_CLASE1_root.crt
132 - IPS_CLASE3_root.crt
133 - IPS_CLASEA1_root.crt
134 - IPS_CLASEA3_root.crt
135 - IPS_Servidores_root.crt
136 - IPS_Timestamping_root.crt
137 - RSA_Security_1024_v3.crt
139 - Thawte_Personal_Basic_CA.crt
140 - Thawte_Personal_Premium_CA.crt
141 - UTN-USER_First-Network_Applications.crt
142 - Verisign_RSA_Secure_Server_CA.crt
143 - Verisign_Time_Stamping_Authority_CA.crt
144 - Visa_International_Global_Root_2.crt
147 - AC_Raíz_Certicámara_S.A..crt
148 - ApplicationCA_-_Japanese_Government.crt
149 - Autoridad_de_Certificacion_Firmaprofesional_CIF_A62634068.crt
150 - Buypass_Class_2_CA_1.crt
151 - Buypass_Class_3_CA_1.crt
154 - certSIGN_ROOT_CA.crt
155 - Chambers_of_Commerce_Root_-_2008.crt
158 - ComSign_Secured_CA.crt
159 - Cybertrust_Global_Root.crt
160 - Deutsche_Telekom_Root_CA_2.crt
161 - EBG_Elektronik_Sertifika_Hizmet_Sağlayıcısı.crt
162 - E-Guven_Kok_Elektronik_Sertifika_Hizmet_Saglayicisi.crt
163 - ePKI_Root_Certification_Authority.crt
164 - GeoTrust_Primary_Certification_Authority_-_G2.crt
165 - GeoTrust_Primary_Certification_Authority_-_G3.crt
166 - Global_Chambersign_Root_-_2008.crt
167 - GlobalSign_Root_CA_-_R3.crt
168 - Hongkong_Post_Root_CA_1.crt
172 - Microsec_e-Szigno_Root_CA_2009.crt
173 - Microsec_e-Szigno_Root_CA.crt
174 - NetLock_Arany_=Class_Gold=_Főtanúsítvány.crt
175 - OISTE_WISeKey_Global_Root_GA_CA.crt
176 - SecureSign_RootCA11.crt
177 - Security_Communication_EV_RootCA1.crt
178 - Staat_der_Nederlanden_Root_CA_-_G2.crt
179 - S-TRUST_Authentication_and_Encryption_Root_CA_2005_PN.crt
180 - TÜBİTAK_UEKAE_Kök_Sertifika_Hizmet_Sağlayıcısı_-_Sürüm_3.crt
181 - TC_TrustCenter_Class_2_CA_II.crt
182 - TC_TrustCenter_Class_3_CA_II.crt
183 - TC_TrustCenter_Universal_CA_I.crt
184 - TC_TrustCenter_Universal_CA_III.crt
185 - thawte_Primary_Root_CA_-_G2.crt
186 - thawte_Primary_Root_CA_-_G3.crt
187 - VeriSign_Class_3_Public_Primary_Certification_Authority_-_G4.crt
188 - VeriSign_Universal_Root_Certification_Authority.crt
190 - Verisign_Class_1_Public_Primary_Certification_Authority.crt
191 - Verisign_Class_3_Public_Primary_Certification_Authority.crt
192 * Remove telesec.de/deutsche-telekom-root-ca-2.crt, now in mozilla.
193 * String decode the mozilla certdata.txt so the filenames show up as
194 proper UTF-8 strings.
196 -- Kurt Roeckx <kurt@roeckx.be> Thu, 21 Apr 2011 18:56:08 +0200
198 ca-certificates (20090814+nmu3) unstable; urgency=low
200 * Non-maintainer upload.
201 * Fix pending l10n issues. Debconf translations:
202 - French (Christian Perrier). Closes: #594231
203 - Danish (Joe Hansen). Closes: #601129
204 - Catalan (Jordi Mallach). Closes: #601089
205 - Brazilian Portuguese (Adriano Rafael Gomes). Closes: #618633
207 -- Christian Perrier <bubulle@debian.org> Sat, 19 Mar 2011 07:47:00 +0100
209 ca-certificates (20090814+nmu2) unstable; urgency=low
211 * Non-maintainer upload.
212 * Fixes buggy shell functions included in the postinst script.
215 -- Maximiliano Curia <maxy@debian.org> Fri, 13 Aug 2010 20:16:21 -0300
217 ca-certificates (20090814+nmu1) unstable; urgency=low
219 * Non-maintainer upload.
220 * Preserve user changes to the /etc/ca-certificates.conf.
223 -- Maximiliano Curia <maxy@debian.org> Fri, 30 Jul 2010 12:55:28 -0400
225 ca-certificates (20090814) unstable; urgency=low
227 * Call Debconf and its db_purge as early as possible in postrm.
230 -- Philipp Kern <pkern@debian.org> Fri, 14 Aug 2009 11:10:00 +0200
232 ca-certificates (20090709) unstable; urgency=low
234 * Fix purge by checking for `/etc/ssl/certs' first. (Closes: #536331)
236 -- Philipp Kern <pkern@debian.org> Thu, 09 Jul 2009 10:35:39 +0200
238 ca-certificates (20090708) unstable; urgency=low
241 - cacert.org/root.crt and cacert.org/class3.crt:
242 Both certificate files were deprecated with 20080809. Users of these
243 root certificates are encouraged to switch to
244 `cacert.org/cacert.org.crt' which contains both class 1 and class 3
245 roots joined in a single file.
246 - quovadis.bm/QuoVadis_Root_Certification_Authority.crt:
247 This certificate has been added into the Mozilla truststore and
248 is available as `mozilla/QuoVadis_Root_CA.crt'.
249 * Do not redirect c_rehash error messages to /dev/null.
251 * Remove dangling symlinks on purge, which also gets rid of the hash
252 symlink for ca-certificates.crt. (Closes: #475240)
253 * Use subshells when grepping for certificates in config, avoiding
254 SIGPIPE because of grep's immediate exit after it finds the pattern.
256 * Fix VERBOSE_ARG usage in update-ca-certificates. Thanks to
257 Robby Workman of Slackware.
258 * Updated Standards-Version and FSF portal address in the copyright file.
260 -- Philipp Kern <pkern@debian.org> Wed, 08 Jul 2009 23:19:56 +0200
262 ca-certificates (20090701) unstable; urgency=low
264 * Reactivated "Equifax Secure Global eBusiness CA". (Closes: #534674)
265 Rationale: The rogue collision CA has its validity period in the past.
266 Thus it does not impose a risk upon us at the moment.
267 * Restrict search for local certificates to add on files ending with '.crt'.
268 * Canonicalize PEM names by applying the same set of substitions to
269 local and other certificates like the Mozilla certdata dumper does.
271 -- Philipp Kern <pkern@debian.org> Wed, 01 Jul 2009 14:50:00 +0200
273 ca-certificates (20090624) unstable; urgency=low
275 * Allow local certificate installation. All certificates found
276 in `/usr/local/share/ca-certificates' will be automatically added
277 to the list of trusted certificates in `/etc/ssl/certs'.
278 (Closes: #352637, #419491, #473677, #476663, #511150)
279 * Updated Mozilla certificates from nss 3.12.3-1 (certdata.txt revision
281 + COMODO ECC Certification Authority
283 + Network Solutions Certificate Authority
284 + WellsSecure Public Root Certificate Authority
285 - Equifax Secure Global eBusiness CA
286 - UTN USERFirst Object Root CA
287 * Reimplemented the Mozilla certdata parser mainly to exclude explicitly
288 untrusted certificates. This led to the exclusion of the
289 "MD5 Collisions Forged Rogue CA 23c3" and its parent
290 "Equifax Secure Global eBusiness CA". Furthermore code signing-only
291 certificates are no longer included neither.
292 * Remove the purging of old PEM files in postinst dating back to
293 versions earlier than 20030414.
294 * Hooks are now called at every invocation of `update-ca-certificates'.
295 If no changes were done to `/etc/ssl/certs', the input for the
296 hooks will be empty, though. Failure exit codes of hooks will not
297 tear down the upgrade process anymore. They are printed but ignored.
299 -- Philipp Kern <pkern@debian.org> Tue, 24 Jun 2009 21:04:08 +0200
301 ca-certificates (20081127) unstable; urgency=low
303 * Remove /etc/ssl{,/certs} in postrm to please piuparts. (Closes:
306 -- Philipp Kern <pkern@debian.org> Thu, 27 Nov 2008 19:13:17 +0100
308 ca-certificates (20080809) unstable; urgency=low
310 * New cacert.org.pem joining both CACert Class 1 and Class 3 certificates.
311 This file can be used for proper certificate chaining if CACert
312 server certificates are used. The old class3.pem and root.pem
313 certificates are deprecated. This new file could safely serve as
314 a replacement for both. (Closes: #494343)
315 * This also reintroduces the old name for the CACert certificate,
316 thus closing a long-standing bug about its rename to root.crt.
319 -- Philipp Kern <pkern@debian.org> Sat, 09 Aug 2008 14:58:24 -0300
321 ca-certificates (20080617) unstable; urgency=low
323 * Added French Government's IGC/A CA (both DSA and RSA).
326 -- Philipp Kern <pkern@debian.org> Mon, 23 Jun 2008 20:55:53 +0200
328 ca-certificates (20080616) unstable; urgency=low
330 * Fix installation on pt_BR locales. The problem was caused by the
331 .templates choices strings being marked for translation, with pt_BR
332 being the only language which actually translated them. Thanks to
333 Ubuntu for the fix, which needs to be around until Lenny is released
334 or six months have passed, whichever is later. (Closes: #472507)
335 * Drop Fumitoshi from the list of maintainers. Farewell!
336 * Bump Standards-Version to 3.8.0.
338 -- Philipp Kern <pkern@debian.org> Mon, 16 Jun 2008 17:41:50 +0200
340 ca-certificates (20080514) unstable; urgency=medium
342 * Added the new SPI CA certificate, created in response to the latest
343 openssl security update.
344 * Removed old SPI CA certificates (2006, 2007) as CAs cannot be
345 revoked sensibly. Expired CA created in 2003, expired in 2007 left
346 around for reference.
347 * Updated the Galician translation, thanks to Glennie Vignarajah.
350 -- Philipp Kern <pkern@debian.org> Wed, 14 May 2008 10:03:42 +0200
352 ca-certificates (20080411) unstable; urgency=low
354 * Added the current SPI CA certificate, used by Debian's infrastructure.
355 * Added Deutsche Telekom Root CA 2, which is used by German institutions
357 * Updated mozilla certificates from trunk, which led to the following
358 adds (+) and removes (-):
359 + Camerfirma Chambers of Commerce Root
360 + Camerfirma Global Chambersign Root
361 + Certplus Class 2 Primary CA
362 + COMODO Certification Authority
363 + DigiCert Assured ID Root CA
364 + DigiCert Global Root CA
365 + DigiCert High Assurance EV Root CA
368 + Entrust Root Certification Authority
369 + Firmaprofesional Root CA
370 + GeoTrust Global CA 2
371 + GeoTrust Primary Certification Authority
372 + GeoTrust Universal CA
373 + GeoTrust Universal CA 2
374 + GlobalSign Root CA - R2
375 + Go Daddy Class 2 CA
376 + NetLock Business (Class B) Root
377 + NetLock Express (Class C) Root
378 + NetLock Notary (Class A) Root
379 + NetLock Qualified (Class QA) Root
384 + Starfield Class 2 CA
385 + StartCom Certification Authority
388 + SwissSign Gold CA - G2
389 + SwissSign Platinum CA - G2
390 + SwissSign Silver CA - G2
392 + thawte Primary Root CA
393 + TURKTRUST Certificate Services Provider Root 1
394 + TURKTRUST Certificate Services Provider Root 2
395 + VeriSign Class 3 Public Primary Certification Authority - G5
396 + Wells Fargo Root CA
397 + XRamp Global CA Root
398 - Verisign Class 1 Public Primary OCSP Responder
399 - Verisign Class 2 Public Primary OCSP Responder
400 - Verisign Class 3 Public Primary OCSP Responder
401 - Verisign Secure Server OCSP Responder
402 (Closes: #447062, #456581)
403 * Updated the Russian debconf translation, thanks to Mikhail Gusarov.
405 * Reworded the description and made it static to ease translations.
406 * Reworded and amended README.Debian.
407 * Added myself to the uploaders of this package.
408 * Applied a patch by Martin F. Krafft to support hooks scripts
409 on add/remove of a certificate. (Closes: #377314)
411 -- Philipp Kern <pkern@debian.org> Sat, 12 Apr 2008 17:35:26 +0200
413 ca-certificates (20070303-0.1) unstable; urgency=low
415 * Non-maintainer upload to fix longstanding pending l10n issues.
416 * Debconf templates and debian/control reviewed by the debian-l10n-
417 english team as part of the Smith review project.
418 Closes: #432249, #434789
419 * Debconf translation updates:
420 - Japanese. Closes:#433067
421 - Basque. Closes: #433074
422 - Spanish. Closes: #433078
423 - Czech. Closes: #433100
424 - Galician. Closes: #433215
425 - Russian. Closes: #433224
426 - Swedish. Closes: #433432
427 - Vietnamese. Closes: #433792, #427000, #434992
428 - Dutch. Closes: #434670
429 - German. Closes: #434788
430 - Italian. Closes: #435029
431 * Portuguese. Closes: #435471
432 * Finnish. Closes: #448826
433 * Remove /etc/ssl when purging the package (only if that
434 directory is empty). Closes: #454334
435 * [Lintian] Give a reference to the GPL text in debian/copyright
436 * [Lintian] No longer ignore errors from "make clean"
437 * [Lintian] Upgrade debhelper compatibility to 4 (with debian/compat).
439 -- Christian Perrier <bubulle@debian.org> Thu, 14 Feb 2008 19:52:37 +0100
441 ca-certificates (20070303) unstable; urgency=low
443 * Add debconf.org crt. closes: Bug#342088
444 * Add cacert class3 crt. closes: Bug#350282
445 * Add debian/po/pt.po. closes: Bug#408183
446 * Update debian/po/ru.po. closes: Bug#410770
447 * Update debian/po/pt_BR.po. closes: Bug#403824
448 * Add debian/po/gl.po. closes: Bug#407951
450 -- Fumitoshi UKAI <ukai@debian.or.jp> Sun, 4 Mar 2007 14:12:23 +0900
452 ca-certificates (20061027.2) unstable; urgency=low
454 * Non-maintainer upload to fix an RC issue revealed by the last NMU.
455 * Avoid cd to /etc/ssl/certs to removing hash symlinks
458 -- Christian Perrier <bubulle@debian.org> Fri, 2 Feb 2007 07:23:27 +0100
460 ca-certificates (20061027.1) unstable; urgency=low
462 * Non-maintainer upload to fix remaining l10n issues
463 * Debconf translation updates:
464 - Czech. Closes: #407807
465 - Spanish. Closes: #401968
466 - German. Closes: #396942
467 * Add debconf-updatepo to the clean target in debian/rules
468 to guarantee up-to-date PO(T) files
470 -- Christian Perrier <bubulle@debian.org> Mon, 22 Jan 2007 18:56:53 +0100
473 ca-certificates (20061027) unstable; urgency=low
475 * sbin/update-ca-certificates:
476 in fresh mode, rm symlinks only point to /usr/share/ca-certificates.
477 preserve other symlinks. closes: Bug#387089
478 * debian/po/nl.po: updated
480 * debian/po/fr.po: updated
482 * debian/po/da.po: updated
485 -- Fumitoshi UKAI <ukai@debian.or.jp> Sat, 28 Oct 2006 02:28:50 +0900
487 ca-certificates (20060816) unstable; urgency=low
489 * debian/control: explicitly mention that trustworthiness of certificate
490 authorities is not evaluated.
492 * debian/templates: refine messages
494 * debian/postinst: remove tailing spaces to avoid unnecessary dpkg-old file.
496 * debian/control: libssl0.9.7->libssl0.9.8
498 * debian/postrm: remove .dpkg-old files
500 * debian/README.Debian: fix
502 * debian/postinst: fix typo
504 * debian/po/sv.po: added
506 * debian/po/es.po: added
508 * add new SPI CA certificate
509 submitted by Michael C. Schultheiss <schultmc@debian.org>
511 -- Fumitoshi UKAI <ukai@debian.or.jp> Thu, 17 Aug 2006 13:12:27 +0900
513 ca-certificates (20050804) unstable; urgency=low
515 * use ${misc:Depends} in debian/control for debconf
516 * update description in debian/control
518 * update debian/po/vi.po
520 * update debian/po/de.po
523 -- Fumitoshi UKAI <ukai@debian.or.jp> Thu, 4 Aug 2005 01:29:38 +0900
525 ca-certificates (20050518) unstable; urgency=high
527 * fix ca-certificates.crt generationumask-sensitive and racy
529 * update mozilla/certdata.txt
530 add: "Certum Root CA", "Comodo AAA Services root"
531 "Comodo Secure Services root",
532 "Comodo Trusted Services root",
533 "IPS Chained CAs root", "IPS CLASE1 root", "IPS CLASE3 root",
534 "IPS CLASEA1 root", "IPS CLASEA3 root", "IPS Servidores root"
535 "IPS Timestamping root",
537 "Security Communication Root CA",
538 "Sonera Class 1 Root CA", "Sonera Class 2 Root CA",
539 "Staat der Nederlanden Root CA",
540 "TDC Internet Root CA", "TDC OCES Root CA",
541 "UTN DATACorp SGC Root CA", "UTN USERFirst Email Root CA",
542 "UTN USERFirst Hardware Root CA", "UTN USERFirst Object Root CA"
543 * add CACert.org's Root CA
544 closes: Bug#213086, Bug#288293
545 * add debian/po/vi.po
547 * add debian/po/cs.po
549 * write "How certificate will be accepted in ca-certificates package"
552 -- Fumitoshi UKAI <ukai@debian.or.jp> Wed, 18 May 2005 00:40:54 +0900
554 ca-certificates (20040809) unstable; urgency=low
556 * previous version was not fixed Bug#255933 correctly.
557 update-ca-certificates now remove symlinks of deselected entries
558 in ca-certificates.conf
561 -- Fumitoshi UKAI <ukai@debian.or.jp> Mon, 9 Aug 2004 03:23:20 +0900
563 ca-certificates (20040808) unstable; urgency=low
565 * run update-ca-certificates by /bin/sh -e
567 * update-ca-certificates remove symlinks of deselected entries
568 in ca-certificates.conf
570 * change default of trust_new_crts from 'ask' to 'yes'
571 closes: Bug#218838, Bug#221527, Bug#236675, Bug#247509
572 * refer libssl0.9.7 instead of libssl0.9.6 in Enhances:
574 * add brasil.gov.br certs
576 * add Signet CA Roots certs
578 * add QuoVadis CA Roots certs
590 * fix quote characters in template
592 * remove debian.org, because certs used in db.debian.org has been
593 revoked due to debian.org crack incidents.
594 db.debian.org uses certificates using spi-inc.org Root CA.
596 -- Fumitoshi UKAI <ukai@debian.or.jp> Sun, 8 Aug 2004 10:58:30 +0900
598 ca-certificates (20031007.1) unstable; urgency=low
601 * Add brasil.gov.br/brasil.gov.br.crt, created from
602 http://www.icpbrasil.gov.br/certificadoACRaiz.crt
603 * Add debian/po/pt_BR.po: closes: Bug#224612
605 -- Otavio Salvador <otavio@debian.org> Thu, 5 Aug 2004 12:16:26 -0300
607 ca-certificates (20031007) unstable; urgency=low
609 * add debian/po/ru.po: closes: Bug#214371
611 -- Fumitoshi UKAI <ukai@debian.or.jp> Tue, 7 Oct 2003 03:06:06 +0900
613 ca-certificates (20030924) unstable; urgency=low
615 * add debian/po/ja.po: closes: Bug#212565
617 -- Fumitoshi UKAI <ukai@debian.or.jp> Wed, 24 Sep 2003 22:09:09 +0900
619 ca-certificates (20030916) unstable; urgency=low
621 * add debian/po/fr.po: closes: Bug#211224, Bug#206769
622 * debian/config: if new cert is asked, don't ask all available certs
625 -- Fumitoshi UKAI <ukai@debian.or.jp> Wed, 17 Sep 2003 02:12:14 +0900
627 ca-certificates (20030915) unstable; urgency=low
629 * debian/config.in: fix typo. closes: Bug#190990
630 * add option for new CA certificates. closes: Bug#190989
631 * switch to gettext-based debconf templates. closes: Bug#205782
632 * update mozilla/certdata.txt from mozilla 1.4 release
634 -- Fumitoshi UKAI <ukai@debian.or.jp> Mon, 15 Sep 2003 01:15:04 +0900
636 ca-certificates (20030420) unstable; urgency=low
638 * add README.Debian and update-ca-certificates(8). closes: Bug#189604
639 * fix broken English in debconf template. closes: Bug#189606
640 * don't remove symlinks in /etc/ssl/certs. closes: Bug#189607
641 * preserve comments in /etc/ca-certificates.conf when upgrading.
644 -- Fumitoshi UKAI <ukai@debian.or.jp> Mon, 21 Apr 2003 00:06:01 +0900
646 ca-certificates (20030415) unstable; urgency=medium
648 * fix upgrade problem
649 closes: Bug#188938, Bug#188940
652 -- Fumitoshi UKAI <ukai@debian.or.jp> Mon, 14 Apr 2003 23:00:58 +0900
654 ca-certificates (20030414) unstable; urgency=medium
656 * certificates are installed in /usr/share/ca-certificates
657 you can find md5sum of certs files. closes: Bug#170777
659 * debconf to generate /etc/ca-certificates.conf
660 * update-ca-certificates update /etc/ssl/certs according
661 /etc/ca-certificates.conf
662 It also generate /etc/ssl/certs/ca-certificates.crt
663 which is single-file version of certs.
666 * change extension from .pem to .crt in /usr/share/ca-certificates
668 application/x-x509-ca-cert crt
669 but it will be hardlink or copied in /etc/ssl/certs with .pem
670 extension by update-ca-certificates.
671 c_rehash requires .pem extension
673 * Update certificate from mozilla 2:1.3-4
674 mozilla/security/nss/lib/ckfw/builtins/certdata.txt
675 cefd05b299ea683fc6b1ce9ff1e23a3f mozilla/certdata.txt
677 * Add spi-inc.org/spi-ca.crt from http://www.spi-inc.org/secretary/
678 33922a1660820e44812e7ddc392878cb spi-inc.org/spi-ca.crt
679 % openssl x509 -in spi-inc.org/spi-ca.crt -fingerprint -noout
680 MD5 Fingerprint=ED:85:3A:FD:32:43:13:73:91:4D:94:06:C4:10:EB:E5
682 -- Fumitoshi UKAI <ukai@debian.or.jp> Mon, 14 Apr 2003 00:02:48 +0900
684 ca-certificates (20020323) unstable; urgency=low
686 * Moved from non-US to main now that openssl has moved there.
688 -- Fumitoshi UKAI <ukai@debian.or.jp> Sun, 24 Mar 2002 03:11:54 +0900
690 ca-certificates (20020208) unstable; urgency=low
692 * add db.debian.org certificate
694 -- Fumitoshi UKAI <ukai@debian.or.jp> Fri, 8 Feb 2002 23:46:11 +0900
696 ca-certificates (20020112) unstable; urgency=low
698 * upload to non-US instead of main, because it depends on openssl
699 (it uses c_rehash in openssl in maintainer scripts)
701 -- Fumitoshi UKAI <ukai@debian.or.jp> Sun, 13 Jan 2002 04:30:28 +0900
703 ca-certificates (20020107) unstable; urgency=low
705 * Initial Release. closes: Bug#126586
707 -- Fumitoshi UKAI <ukai@debian.or.jp> Mon, 7 Jan 2002 21:16:51 +0900