1 ca-certificates (20111022.1) UNRELEASED; urgency=low
3 TODO: set version to release date
5 dch --news with CA adds/removes list
6 ? #643667 Broken symlinks on upgrade due to plain c_rehash call
9 * Add 3.0 (native) source format
10 * Add Vcs-Git/Browser fields
11 * Add myself as new Maintainer with Uploaders Closes: #588219
12 * Update mozilla/certdata.txt to latest (NSS branch version 1.64.2.13)
13 Certificates added (+) and removed (-):
14 + "AffirmTrust Commercial"
15 + "AffirmTrust Networking"
16 + "AffirmTrust Premium"
17 + "AffirmTrust Premium ECC"
19 + "Bogus Global Trustee"
24 + "Bogus Mozilla Addons"
29 + "Certinomis - Autorité Racine"
30 + "Certum Trusted Network CA"
31 + "Explicitly Distrust DigiNotar Cyber CA"
32 + "Explicitly Distrust DigiNotar Cyber CA 2nd"
33 + "Explicitly Distrust DigiNotar Root CA"
34 + "Explicitly Distrust DigiNotar Services 1024 CA"
35 + "Explicitly Distrusted DigiNotar PKIoverheid"
36 + "Explicitly Distrusted DigiNotar PKIoverheid G2"
37 + "Go Daddy Root Certificate Authority - G2"
38 + "Root CA Generalitat Valenciana"
39 + "Starfield Root Certificate Authority - G2"
40 + "Starfield Services Root Certificate Authority - G2"
41 + "TWCA Root Certification Authority"
42 - "AOL Time Warner Root Certification Authority 1"
43 - "AOL Time Warner Root Certification Authority 2"
45 - "Entrust.net Global Secure Personal CA"
46 - "Entrust.net Global Secure Server CA"
47 - "Entrust.net Secure Personal CA"
48 - "IPS Chained CAs root"
53 - "IPS Timestamping root"
54 - "Thawte Personal Freemail CA"
55 - "Thawte Time Stamping CA"
56 * "Bogus *" CAs above address Comodo MITM 03/11 Closes: #619587
57 * Update CAcert-Class 3-Subroot-certificate Closes: #630232
59 -- Michael Shuler <michael@pbandjelly.org> Sun, 23 Oct 2011 21:37:30 -0500
61 ca-certificates (20111022) unstable; urgency=low
64 * Fix pending l10n issues. Debconf translations:
65 - German (Helge Kreutzmann). Closes: #634000
66 - French (Christian Perrier). Closes: #634092
67 - Russian (Yuri Kozlov). Closes: #635146
68 - Swedish (Martin Bagge / brother). Closes: #640622
69 - Slovak (Slavko). Closes: #641987
70 - Spanish; (Javier Fernández-Sanguino). Closes: #642359
71 - Japanese (Kenshi Muto). Closes: #644828
72 - Czech (Miroslav Kure). Closes: #644843
73 - Danish (Joe Hansen). Closes: #644854
74 - Italian (Luca Monducci). Closes: #645004
75 - Dutch; (Jeroen Schot). Closes: #645090
76 - Portuguese (Miguel Figueiredo). Closes: #645126
77 - Galician (Jorge Barreiro). Closes: #645138
78 - Catalan; (Jordi Mallach). Closes: #645182
79 - Brazilian Portuguese (Adriano Rafael Gomes). Closes: #645526
80 * Split Choices in debconf templates
81 * Add build-arch and build-indep build targets
82 * Bump debhelper compatibility level to 8
83 * Bump Standards to 3.9.2 (checked)
84 * Replace "dh_clean -k" by dh_prep
86 -- Christian Perrier <bubulle@debian.org> Sat, 22 Oct 2011 14:24:00 +0200
88 ca-certificates (20110502+nmu1) unstable; urgency=high
90 * Non-maintainer upload by the Security Team.
91 * Blacklist "DigiNotar Root CA" (Closes: #639744)
93 -- Raphael Geissert <geissert@debian.org> Tue, 30 Aug 2011 21:00:55 -0500
95 ca-certificates (20110502) unstable; urgency=low
98 * Mark the package as multi-arch:foreign. (Closes: #622323)
99 * Use db_settitle in config script to allow translations of the
100 dialog title; thanks to Frans Pop. (Closes: #560314)
102 -- Philipp Kern <pkern@debian.org> Mon, 02 May 2011 19:27:50 +0200
104 ca-certificates (20110421) unstable; urgency=low
107 * Package is orphaned, set maintainer to QA group
108 * Depend on openssl 1.0.0 and force a call of c_rehash so that we have
109 both the old and new style of symlinks. (Closes: #611102)
110 * Remove libssl0.9.8 from enhances
111 * Update mozilla certdata.txt file to the latest version.
113 - ABAecom_=sub.__Am._Bankers_Assn.=_Root_CA.crt
114 - beTRUSTed_Root_CA-Baltimore_Implementation.crt
115 - beTRUSTed_Root_CA.crt
116 - beTRUSTed_Root_CA_-_Entrust_Implementation.crt
117 - beTRUSTed_Root_CA_-_RSA_Implementation.crt
118 - Digital_Signature_Trust_Co._Global_CA_2.crt
119 - Digital_Signature_Trust_Co._Global_CA_4.crt
120 - Entrust.net_Global_Secure_Personal_CA.crt
121 - Entrust.net_Global_Secure_Server_CA.crt
122 - Entrust.net_Secure_Personal_CA.crt
123 - GTE_CyberTrust_Root_CA.crt
124 - IPS_Chained_CAs_root.crt
125 - IPS_CLASE1_root.crt
126 - IPS_CLASE3_root.crt
127 - IPS_CLASEA1_root.crt
128 - IPS_CLASEA3_root.crt
129 - IPS_Servidores_root.crt
130 - IPS_Timestamping_root.crt
131 - RSA_Security_1024_v3.crt
133 - Thawte_Personal_Basic_CA.crt
134 - Thawte_Personal_Premium_CA.crt
135 - UTN-USER_First-Network_Applications.crt
136 - Verisign_RSA_Secure_Server_CA.crt
137 - Verisign_Time_Stamping_Authority_CA.crt
138 - Visa_International_Global_Root_2.crt
141 - AC_Raíz_Certicámara_S.A..crt
142 - ApplicationCA_-_Japanese_Government.crt
143 - Autoridad_de_Certificacion_Firmaprofesional_CIF_A62634068.crt
144 - Buypass_Class_2_CA_1.crt
145 - Buypass_Class_3_CA_1.crt
148 - certSIGN_ROOT_CA.crt
149 - Chambers_of_Commerce_Root_-_2008.crt
152 - ComSign_Secured_CA.crt
153 - Cybertrust_Global_Root.crt
154 - Deutsche_Telekom_Root_CA_2.crt
155 - EBG_Elektronik_Sertifika_Hizmet_Sağlayıcısı.crt
156 - E-Guven_Kok_Elektronik_Sertifika_Hizmet_Saglayicisi.crt
157 - ePKI_Root_Certification_Authority.crt
158 - GeoTrust_Primary_Certification_Authority_-_G2.crt
159 - GeoTrust_Primary_Certification_Authority_-_G3.crt
160 - Global_Chambersign_Root_-_2008.crt
161 - GlobalSign_Root_CA_-_R3.crt
162 - Hongkong_Post_Root_CA_1.crt
166 - Microsec_e-Szigno_Root_CA_2009.crt
167 - Microsec_e-Szigno_Root_CA.crt
168 - NetLock_Arany_=Class_Gold=_Főtanúsítvány.crt
169 - OISTE_WISeKey_Global_Root_GA_CA.crt
170 - SecureSign_RootCA11.crt
171 - Security_Communication_EV_RootCA1.crt
172 - Staat_der_Nederlanden_Root_CA_-_G2.crt
173 - S-TRUST_Authentication_and_Encryption_Root_CA_2005_PN.crt
174 - TÜBİTAK_UEKAE_Kök_Sertifika_Hizmet_Sağlayıcısı_-_Sürüm_3.crt
175 - TC_TrustCenter_Class_2_CA_II.crt
176 - TC_TrustCenter_Class_3_CA_II.crt
177 - TC_TrustCenter_Universal_CA_I.crt
178 - TC_TrustCenter_Universal_CA_III.crt
179 - thawte_Primary_Root_CA_-_G2.crt
180 - thawte_Primary_Root_CA_-_G3.crt
181 - VeriSign_Class_3_Public_Primary_Certification_Authority_-_G4.crt
182 - VeriSign_Universal_Root_Certification_Authority.crt
184 - Verisign_Class_1_Public_Primary_Certification_Authority.crt
185 - Verisign_Class_3_Public_Primary_Certification_Authority.crt
186 * Remove telesec.de/deutsche-telekom-root-ca-2.crt, now in mozilla.
187 * String decode the mozilla certdata.txt so the filenames show up as
188 proper UTF-8 strings.
190 -- Kurt Roeckx <kurt@roeckx.be> Thu, 21 Apr 2011 18:56:08 +0200
192 ca-certificates (20090814+nmu3) unstable; urgency=low
194 * Non-maintainer upload.
195 * Fix pending l10n issues. Debconf translations:
196 - French (Christian Perrier). Closes: #594231
197 - Danish (Joe Hansen). Closes: #601129
198 - Catalan (Jordi Mallach). Closes: #601089
199 - Brazilian Portuguese (Adriano Rafael Gomes). Closes: #618633
201 -- Christian Perrier <bubulle@debian.org> Sat, 19 Mar 2011 07:47:00 +0100
203 ca-certificates (20090814+nmu2) unstable; urgency=low
205 * Non-maintainer upload.
206 * Fixes buggy shell functions included in the postinst script.
209 -- Maximiliano Curia <maxy@debian.org> Fri, 13 Aug 2010 20:16:21 -0300
211 ca-certificates (20090814+nmu1) unstable; urgency=low
213 * Non-maintainer upload.
214 * Preserve user changes to the /etc/ca-certificates.conf.
217 -- Maximiliano Curia <maxy@debian.org> Fri, 30 Jul 2010 12:55:28 -0400
219 ca-certificates (20090814) unstable; urgency=low
221 * Call Debconf and its db_purge as early as possible in postrm.
224 -- Philipp Kern <pkern@debian.org> Fri, 14 Aug 2009 11:10:00 +0200
226 ca-certificates (20090709) unstable; urgency=low
228 * Fix purge by checking for `/etc/ssl/certs' first. (Closes: #536331)
230 -- Philipp Kern <pkern@debian.org> Thu, 09 Jul 2009 10:35:39 +0200
232 ca-certificates (20090708) unstable; urgency=low
235 - cacert.org/root.crt and cacert.org/class3.crt:
236 Both certificate files were deprecated with 20080809. Users of these
237 root certificates are encouraged to switch to
238 `cacert.org/cacert.org.crt' which contains both class 1 and class 3
239 roots joined in a single file.
240 - quovadis.bm/QuoVadis_Root_Certification_Authority.crt:
241 This certificate has been added into the Mozilla truststore and
242 is available as `mozilla/QuoVadis_Root_CA.crt'.
243 * Do not redirect c_rehash error messages to /dev/null.
245 * Remove dangling symlinks on purge, which also gets rid of the hash
246 symlink for ca-certificates.crt. (Closes: #475240)
247 * Use subshells when grepping for certificates in config, avoiding
248 SIGPIPE because of grep's immediate exit after it finds the pattern.
250 * Fix VERBOSE_ARG usage in update-ca-certificates. Thanks to
251 Robby Workman of Slackware.
252 * Updated Standards-Version and FSF portal address in the copyright file.
254 -- Philipp Kern <pkern@debian.org> Wed, 08 Jul 2009 23:19:56 +0200
256 ca-certificates (20090701) unstable; urgency=low
258 * Reactivated "Equifax Secure Global eBusiness CA". (Closes: #534674)
259 Rationale: The rogue collision CA has its validity period in the past.
260 Thus it does not impose a risk upon us at the moment.
261 * Restrict search for local certificates to add on files ending with '.crt'.
262 * Canonicalize PEM names by applying the same set of substitions to
263 local and other certificates like the Mozilla certdata dumper does.
265 -- Philipp Kern <pkern@debian.org> Wed, 01 Jul 2009 14:50:00 +0200
267 ca-certificates (20090624) unstable; urgency=low
269 * Allow local certificate installation. All certificates found
270 in `/usr/local/share/ca-certificates' will be automatically added
271 to the list of trusted certificates in `/etc/ssl/certs'.
272 (Closes: #352637, #419491, #473677, #476663, #511150)
273 * Updated Mozilla certificates from nss 3.12.3-1 (certdata.txt revision
275 + COMODO ECC Certification Authority
277 + Network Solutions Certificate Authority
278 + WellsSecure Public Root Certificate Authority
279 - Equifax Secure Global eBusiness CA
280 - UTN USERFirst Object Root CA
281 * Reimplemented the Mozilla certdata parser mainly to exclude explicitly
282 untrusted certificates. This led to the exclusion of the
283 "MD5 Collisions Forged Rogue CA 23c3" and its parent
284 "Equifax Secure Global eBusiness CA". Furthermore code signing-only
285 certificates are no longer included neither.
286 * Remove the purging of old PEM files in postinst dating back to
287 versions earlier than 20030414.
288 * Hooks are now called at every invocation of `update-ca-certificates'.
289 If no changes were done to `/etc/ssl/certs', the input for the
290 hooks will be empty, though. Failure exit codes of hooks will not
291 tear down the upgrade process anymore. They are printed but ignored.
293 -- Philipp Kern <pkern@debian.org> Tue, 24 Jun 2009 21:04:08 +0200
295 ca-certificates (20081127) unstable; urgency=low
297 * Remove /etc/ssl{,/certs} in postrm to please piuparts. (Closes:
300 -- Philipp Kern <pkern@debian.org> Thu, 27 Nov 2008 19:13:17 +0100
302 ca-certificates (20080809) unstable; urgency=low
304 * New cacert.org.pem joining both CACert Class 1 and Class 3 certificates.
305 This file can be used for proper certificate chaining if CACert
306 server certificates are used. The old class3.pem and root.pem
307 certificates are deprecated. This new file could safely serve as
308 a replacement for both. (Closes: #494343)
309 * This also reintroduces the old name for the CACert certificate,
310 thus closing a long-standing bug about its rename to root.crt.
313 -- Philipp Kern <pkern@debian.org> Sat, 09 Aug 2008 14:58:24 -0300
315 ca-certificates (20080617) unstable; urgency=low
317 * Added French Government's IGC/A CA (both DSA and RSA).
320 -- Philipp Kern <pkern@debian.org> Mon, 23 Jun 2008 20:55:53 +0200
322 ca-certificates (20080616) unstable; urgency=low
324 * Fix installation on pt_BR locales. The problem was caused by the
325 .templates choices strings being marked for translation, with pt_BR
326 being the only language which actually translated them. Thanks to
327 Ubuntu for the fix, which needs to be around until Lenny is released
328 or six months have passed, whichever is later. (Closes: #472507)
329 * Drop Fumitoshi from the list of maintainers. Farewell!
330 * Bump Standards-Version to 3.8.0.
332 -- Philipp Kern <pkern@debian.org> Mon, 16 Jun 2008 17:41:50 +0200
334 ca-certificates (20080514) unstable; urgency=medium
336 * Added the new SPI CA certificate, created in response to the latest
337 openssl security update.
338 * Removed old SPI CA certificates (2006, 2007) as CAs cannot be
339 revoked sensibly. Expired CA created in 2003, expired in 2007 left
340 around for reference.
341 * Updated the Galician translation, thanks to Glennie Vignarajah.
344 -- Philipp Kern <pkern@debian.org> Wed, 14 May 2008 10:03:42 +0200
346 ca-certificates (20080411) unstable; urgency=low
348 * Added the current SPI CA certificate, used by Debian's infrastructure.
349 * Added Deutsche Telekom Root CA 2, which is used by German institutions
351 * Updated mozilla certificates from trunk, which led to the following
352 adds (+) and removes (-):
353 + Camerfirma Chambers of Commerce Root
354 + Camerfirma Global Chambersign Root
355 + Certplus Class 2 Primary CA
356 + COMODO Certification Authority
357 + DigiCert Assured ID Root CA
358 + DigiCert Global Root CA
359 + DigiCert High Assurance EV Root CA
362 + Entrust Root Certification Authority
363 + Firmaprofesional Root CA
364 + GeoTrust Global CA 2
365 + GeoTrust Primary Certification Authority
366 + GeoTrust Universal CA
367 + GeoTrust Universal CA 2
368 + GlobalSign Root CA - R2
369 + Go Daddy Class 2 CA
370 + NetLock Business (Class B) Root
371 + NetLock Express (Class C) Root
372 + NetLock Notary (Class A) Root
373 + NetLock Qualified (Class QA) Root
378 + Starfield Class 2 CA
379 + StartCom Certification Authority
382 + SwissSign Gold CA - G2
383 + SwissSign Platinum CA - G2
384 + SwissSign Silver CA - G2
386 + thawte Primary Root CA
387 + TURKTRUST Certificate Services Provider Root 1
388 + TURKTRUST Certificate Services Provider Root 2
389 + VeriSign Class 3 Public Primary Certification Authority - G5
390 + Wells Fargo Root CA
391 + XRamp Global CA Root
392 - Verisign Class 1 Public Primary OCSP Responder
393 - Verisign Class 2 Public Primary OCSP Responder
394 - Verisign Class 3 Public Primary OCSP Responder
395 - Verisign Secure Server OCSP Responder
396 (Closes: #447062, #456581)
397 * Updated the Russian debconf translation, thanks to Mikhail Gusarov.
399 * Reworded the description and made it static to ease translations.
400 * Reworded and amended README.Debian.
401 * Added myself to the uploaders of this package.
402 * Applied a patch by Martin F. Krafft to support hooks scripts
403 on add/remove of a certificate. (Closes: #377314)
405 -- Philipp Kern <pkern@debian.org> Sat, 12 Apr 2008 17:35:26 +0200
407 ca-certificates (20070303-0.1) unstable; urgency=low
409 * Non-maintainer upload to fix longstanding pending l10n issues.
410 * Debconf templates and debian/control reviewed by the debian-l10n-
411 english team as part of the Smith review project.
412 Closes: #432249, #434789
413 * Debconf translation updates:
414 - Japanese. Closes:#433067
415 - Basque. Closes: #433074
416 - Spanish. Closes: #433078
417 - Czech. Closes: #433100
418 - Galician. Closes: #433215
419 - Russian. Closes: #433224
420 - Swedish. Closes: #433432
421 - Vietnamese. Closes: #433792, #427000, #434992
422 - Dutch. Closes: #434670
423 - German. Closes: #434788
424 - Italian. Closes: #435029
425 * Portuguese. Closes: #435471
426 * Finnish. Closes: #448826
427 * Remove /etc/ssl when purging the package (only if that
428 directory is empty). Closes: #454334
429 * [Lintian] Give a reference to the GPL text in debian/copyright
430 * [Lintian] No longer ignore errors from "make clean"
431 * [Lintian] Upgrade debhelper compatibility to 4 (with debian/compat).
433 -- Christian Perrier <bubulle@debian.org> Thu, 14 Feb 2008 19:52:37 +0100
435 ca-certificates (20070303) unstable; urgency=low
437 * Add debconf.org crt. closes: Bug#342088
438 * Add cacert class3 crt. closes: Bug#350282
439 * Add debian/po/pt.po. closes: Bug#408183
440 * Update debian/po/ru.po. closes: Bug#410770
441 * Update debian/po/pt_BR.po. closes: Bug#403824
442 * Add debian/po/gl.po. closes: Bug#407951
444 -- Fumitoshi UKAI <ukai@debian.or.jp> Sun, 4 Mar 2007 14:12:23 +0900
446 ca-certificates (20061027.2) unstable; urgency=low
448 * Non-maintainer upload to fix an RC issue revealed by the last NMU.
449 * Avoid cd to /etc/ssl/certs to removing hash symlinks
452 -- Christian Perrier <bubulle@debian.org> Fri, 2 Feb 2007 07:23:27 +0100
454 ca-certificates (20061027.1) unstable; urgency=low
456 * Non-maintainer upload to fix remaining l10n issues
457 * Debconf translation updates:
458 - Czech. Closes: #407807
459 - Spanish. Closes: #401968
460 - German. Closes: #396942
461 * Add debconf-updatepo to the clean target in debian/rules
462 to guarantee up-to-date PO(T) files
464 -- Christian Perrier <bubulle@debian.org> Mon, 22 Jan 2007 18:56:53 +0100
467 ca-certificates (20061027) unstable; urgency=low
469 * sbin/update-ca-certificates:
470 in fresh mode, rm symlinks only point to /usr/share/ca-certificates.
471 preserve other symlinks. closes: Bug#387089
472 * debian/po/nl.po: updated
474 * debian/po/fr.po: updated
476 * debian/po/da.po: updated
479 -- Fumitoshi UKAI <ukai@debian.or.jp> Sat, 28 Oct 2006 02:28:50 +0900
481 ca-certificates (20060816) unstable; urgency=low
483 * debian/control: explicitly mention that trustworthiness of certificate
484 authorities is not evaluated.
486 * debian/templates: refine messages
488 * debian/postinst: remove tailing spaces to avoid unnecessary dpkg-old file.
490 * debian/control: libssl0.9.7->libssl0.9.8
492 * debian/postrm: remove .dpkg-old files
494 * debian/README.Debian: fix
496 * debian/postinst: fix typo
498 * debian/po/sv.po: added
500 * debian/po/es.po: added
502 * add new SPI CA certificate
503 submitted by Michael C. Schultheiss <schultmc@debian.org>
505 -- Fumitoshi UKAI <ukai@debian.or.jp> Thu, 17 Aug 2006 13:12:27 +0900
507 ca-certificates (20050804) unstable; urgency=low
509 * use ${misc:Depends} in debian/control for debconf
510 * update description in debian/control
512 * update debian/po/vi.po
514 * update debian/po/de.po
517 -- Fumitoshi UKAI <ukai@debian.or.jp> Thu, 4 Aug 2005 01:29:38 +0900
519 ca-certificates (20050518) unstable; urgency=high
521 * fix ca-certificates.crt generationumask-sensitive and racy
523 * update mozilla/certdata.txt
524 add: "Certum Root CA", "Comodo AAA Services root"
525 "Comodo Secure Services root",
526 "Comodo Trusted Services root",
527 "IPS Chained CAs root", "IPS CLASE1 root", "IPS CLASE3 root",
528 "IPS CLASEA1 root", "IPS CLASEA3 root", "IPS Servidores root"
529 "IPS Timestamping root",
531 "Security Communication Root CA",
532 "Sonera Class 1 Root CA", "Sonera Class 2 Root CA",
533 "Staat der Nederlanden Root CA",
534 "TDC Internet Root CA", "TDC OCES Root CA",
535 "UTN DATACorp SGC Root CA", "UTN USERFirst Email Root CA",
536 "UTN USERFirst Hardware Root CA", "UTN USERFirst Object Root CA"
537 * add CACert.org's Root CA
538 closes: Bug#213086, Bug#288293
539 * add debian/po/vi.po
541 * add debian/po/cs.po
543 * write "How certificate will be accepted in ca-certificates package"
546 -- Fumitoshi UKAI <ukai@debian.or.jp> Wed, 18 May 2005 00:40:54 +0900
548 ca-certificates (20040809) unstable; urgency=low
550 * previous version was not fixed Bug#255933 correctly.
551 update-ca-certificates now remove symlinks of deselected entries
552 in ca-certificates.conf
555 -- Fumitoshi UKAI <ukai@debian.or.jp> Mon, 9 Aug 2004 03:23:20 +0900
557 ca-certificates (20040808) unstable; urgency=low
559 * run update-ca-certificates by /bin/sh -e
561 * update-ca-certificates remove symlinks of deselected entries
562 in ca-certificates.conf
564 * change default of trust_new_crts from 'ask' to 'yes'
565 closes: Bug#218838, Bug#221527, Bug#236675, Bug#247509
566 * refer libssl0.9.7 instead of libssl0.9.6 in Enhances:
568 * add brasil.gov.br certs
570 * add Signet CA Roots certs
572 * add QuoVadis CA Roots certs
584 * fix quote characters in template
586 * remove debian.org, because certs used in db.debian.org has been
587 revoked due to debian.org crack incidents.
588 db.debian.org uses certificates using spi-inc.org Root CA.
590 -- Fumitoshi UKAI <ukai@debian.or.jp> Sun, 8 Aug 2004 10:58:30 +0900
592 ca-certificates (20031007.1) unstable; urgency=low
595 * Add brasil.gov.br/brasil.gov.br.crt, created from
596 http://www.icpbrasil.gov.br/certificadoACRaiz.crt
597 * Add debian/po/pt_BR.po: closes: Bug#224612
599 -- Otavio Salvador <otavio@debian.org> Thu, 5 Aug 2004 12:16:26 -0300
601 ca-certificates (20031007) unstable; urgency=low
603 * add debian/po/ru.po: closes: Bug#214371
605 -- Fumitoshi UKAI <ukai@debian.or.jp> Tue, 7 Oct 2003 03:06:06 +0900
607 ca-certificates (20030924) unstable; urgency=low
609 * add debian/po/ja.po: closes: Bug#212565
611 -- Fumitoshi UKAI <ukai@debian.or.jp> Wed, 24 Sep 2003 22:09:09 +0900
613 ca-certificates (20030916) unstable; urgency=low
615 * add debian/po/fr.po: closes: Bug#211224, Bug#206769
616 * debian/config: if new cert is asked, don't ask all available certs
619 -- Fumitoshi UKAI <ukai@debian.or.jp> Wed, 17 Sep 2003 02:12:14 +0900
621 ca-certificates (20030915) unstable; urgency=low
623 * debian/config.in: fix typo. closes: Bug#190990
624 * add option for new CA certificates. closes: Bug#190989
625 * switch to gettext-based debconf templates. closes: Bug#205782
626 * update mozilla/certdata.txt from mozilla 1.4 release
628 -- Fumitoshi UKAI <ukai@debian.or.jp> Mon, 15 Sep 2003 01:15:04 +0900
630 ca-certificates (20030420) unstable; urgency=low
632 * add README.Debian and update-ca-certificates(8). closes: Bug#189604
633 * fix broken English in debconf template. closes: Bug#189606
634 * don't remove symlinks in /etc/ssl/certs. closes: Bug#189607
635 * preserve comments in /etc/ca-certificates.conf when upgrading.
638 -- Fumitoshi UKAI <ukai@debian.or.jp> Mon, 21 Apr 2003 00:06:01 +0900
640 ca-certificates (20030415) unstable; urgency=medium
642 * fix upgrade problem
643 closes: Bug#188938, Bug#188940
646 -- Fumitoshi UKAI <ukai@debian.or.jp> Mon, 14 Apr 2003 23:00:58 +0900
648 ca-certificates (20030414) unstable; urgency=medium
650 * certificates are installed in /usr/share/ca-certificates
651 you can find md5sum of certs files. closes: Bug#170777
653 * debconf to generate /etc/ca-certificates.conf
654 * update-ca-certificates update /etc/ssl/certs according
655 /etc/ca-certificates.conf
656 It also generate /etc/ssl/certs/ca-certificates.crt
657 which is single-file version of certs.
660 * change extension from .pem to .crt in /usr/share/ca-certificates
662 application/x-x509-ca-cert crt
663 but it will be hardlink or copied in /etc/ssl/certs with .pem
664 extension by update-ca-certificates.
665 c_rehash requires .pem extension
667 * Update certificate from mozilla 2:1.3-4
668 mozilla/security/nss/lib/ckfw/builtins/certdata.txt
669 cefd05b299ea683fc6b1ce9ff1e23a3f mozilla/certdata.txt
671 * Add spi-inc.org/spi-ca.crt from http://www.spi-inc.org/secretary/
672 33922a1660820e44812e7ddc392878cb spi-inc.org/spi-ca.crt
673 % openssl x509 -in spi-inc.org/spi-ca.crt -fingerprint -noout
674 MD5 Fingerprint=ED:85:3A:FD:32:43:13:73:91:4D:94:06:C4:10:EB:E5
676 -- Fumitoshi UKAI <ukai@debian.or.jp> Mon, 14 Apr 2003 00:02:48 +0900
678 ca-certificates (20020323) unstable; urgency=low
680 * Moved from non-US to main now that openssl has moved there.
682 -- Fumitoshi UKAI <ukai@debian.or.jp> Sun, 24 Mar 2002 03:11:54 +0900
684 ca-certificates (20020208) unstable; urgency=low
686 * add db.debian.org certificate
688 -- Fumitoshi UKAI <ukai@debian.or.jp> Fri, 8 Feb 2002 23:46:11 +0900
690 ca-certificates (20020112) unstable; urgency=low
692 * upload to non-US instead of main, because it depends on openssl
693 (it uses c_rehash in openssl in maintainer scripts)
695 -- Fumitoshi UKAI <ukai@debian.or.jp> Sun, 13 Jan 2002 04:30:28 +0900
697 ca-certificates (20020107) unstable; urgency=low
699 * Initial Release. closes: Bug#126586
701 -- Fumitoshi UKAI <ukai@debian.or.jp> Mon, 7 Jan 2002 21:16:51 +0900