+ca-certificates (20111025) unstable; urgency=low
+
+ * Update mozilla/certdata.txt to latest (NSS branch version 1.64.2.13)
+ Certificates added (+) and removed (-):
+ + "AffirmTrust Commercial"
+ + "AffirmTrust Networking"
+ + "AffirmTrust Premium"
+ + "AffirmTrust Premium ECC"
+ + "A-Trust-nQual-03"
+ + "Bogus Global Trustee"
+ + "Bogus GMail"
+ + "Bogus Google"
+ + "Bogus kuix.de"
+ + "Bogus live.com"
+ + "Bogus Mozilla Addons"
+ + "Bogus Skype"
+ + "Bogus Yahoo 1"
+ + "Bogus Yahoo 2"
+ + "Bogus Yahoo 3"
+ + "Certinomis - Autorité Racine"
+ + "Certum Trusted Network CA"
+ + "Explicitly Distrust DigiNotar Cyber CA"
+ + "Explicitly Distrust DigiNotar Cyber CA 2nd"
+ + "Explicitly Distrust DigiNotar Root CA"
+ + "Explicitly Distrust DigiNotar Services 1024 CA"
+ + "Explicitly Distrusted DigiNotar PKIoverheid"
+ + "Explicitly Distrusted DigiNotar PKIoverheid G2"
+ + "Go Daddy Root Certificate Authority - G2"
+ + "Root CA Generalitat Valenciana"
+ + "Starfield Root Certificate Authority - G2"
+ + "Starfield Services Root Certificate Authority - G2"
+ + "TWCA Root Certification Authority"
+ - "AOL Time Warner Root Certification Authority 1"
+ - "AOL Time Warner Root Certification Authority 2"
+ - "DigiNotar Root CA"
+ - "Entrust.net Global Secure Personal CA"
+ - "Entrust.net Global Secure Server CA"
+ - "Entrust.net Secure Personal CA"
+ - "IPS Chained CAs root"
+ - "IPS CLASE1 root"
+ - "IPS CLASE3 root"
+ - "IPS CLASEA1 root"
+ - "IPS CLASEA3 root"
+ - "IPS Timestamping root"
+ - "Thawte Personal Freemail CA"
+ - "Thawte Time Stamping CA"
+ * "Bogus *" CAs above address Comodo MITM 03/11 Closes: #619587
+ * Update CAcert-Class 3-Subroot-certificate Closes: #630232
+
+ -- Michael Shuler <michael@pbandjelly.org> Sun, 23 Oct 2011 23:16:57 -0500
+
+ca-certificates (20090708) unstable; urgency=low
+
+ * Removed CA files:
+ - cacert.org/root.crt and cacert.org/class3.crt:
+ Both certificate files were deprecated with 20080809. Users of these
+ root certificates are encouraged to switch to
+ `cacert.org/cacert.org.crt' which contains both class 1 and class 3
+ roots joined in a single file.
+ - quovadis.bm/QuoVadis_Root_Certification_Authority.crt:
+ This certificate has been added into the Mozilla truststore and
+ is available as `mozilla/QuoVadis_Root_CA.crt'.
+
+ -- Philipp Kern <pkern@debian.org> Wed, 08 Jul 2009 23:19:56 +0200
+
+ca-certificates (20090701) unstable; urgency=low
+
+ * Readded Equifax Secure Global eBusiness CA.
+
+ -- Philipp Kern <pkern@debian.org> Wed, 01 Jul 2009 14:47:02 +0200
+
+ca-certificates (20090624) unstable; urgency=low
+
+ * This update eases the installation of local certification authorities
+ by providing a canonical location in `/usr/local/share/ca-certificates'.
+ All certificates found in this directory will automatically be included
+ into the list of trusted certificates. For details please see
+ `/usr/share/doc/ca-certificates/README.Debian'.
+ * New CA certificates:
+ - COMODO ECC Certification Authority
+ - DigiNotar Root CA
+ - Network Solutions Certificate Authority
+ - WellsSecure Public Root Certificate Authority
+ * Removed CA certificates:
+ - Equifax Secure Global eBusiness CA
+ - UTN USERFirst Object Root CA
+
+ -- Philipp Kern <pkern@debian.org> Wed, 24 Jun 2009 21:04:45 +0200
+
+ca-certificates (20080809) unstable; urgency=low
+
+ * New cacert.org.pem joining both CACert Class 1 and Class 3 certificates.
+ This file can be used for proper certificate chaining if CACert
+ server certificates are used. The old class3.pem and root.pem
+ certificates are deprecated. This new file could safely serve as
+ a replacement for both.
+
+ -- Philipp Kern <pkern@debian.org> Sat, 09 Aug 2008 14:58:24 -0300
+
+ca-certificates (20080617) unstable; urgency=low
+
+ * New CA certificates:
+ - gouv.fr: added French Government's IGC/A CA
+ - spi-inc.org: added new SPI CA certificate, created in reponse to
+ the infamous OpenSSL security update (already in 20080514)
+ * Removed CA certificates:
+ - spi-inc.org: removed old, still valid but possibly compromised
+ SPI CA certificates from 2006 and 2007 (already in 20080514)
+
+ -- Philipp Kern <pkern@debian.org> Fri, 20 Jun 2008 10:05:49 +0200
+
+ca-certificates (20080411) unstable; urgency=low
+
+ * New CA certificates:
+ - spi-inc.org: current SPI CA certificate
+ - telesec.de: added Deutsche Telekom Root CA 2
+ - mozilla:
+ + Camerfirma Chambers of Commerce Root
+ + Camerfirma Global Chambersign Root
+ + Certplus Class 2 Primary CA
+ + COMODO Certification Authority
+ + DigiCert Assured ID Root CA
+ + DigiCert Global Root CA
+ + DigiCert High Assurance EV Root CA
+ + DST ACES CA X6
+ + DST Root CA X3
+ + Entrust Root Certification Authority
+ + Firmaprofesional Root CA
+ + GeoTrust Global CA 2
+ + GeoTrust Primary Certification Authority
+ + GeoTrust Universal CA
+ + GeoTrust Universal CA 2
+ + GlobalSign Root CA - R2
+ + Go Daddy Class 2 CA
+ + NetLock Business (Class B) Root
+ + NetLock Express (Class C) Root
+ + NetLock Notary (Class A) Root
+ + NetLock Qualified (Class QA) Root
+ + QuoVadis Root CA 2
+ + QuoVadis Root CA 3
+ + Secure Global CA
+ + SecureTrust CA
+ + Starfield Class 2 CA
+ + StartCom Certification Authority
+ + StartCom Ltd.
+ + Swisscom Root CA 1
+ + SwissSign Gold CA - G2
+ + SwissSign Platinum CA - G2
+ + SwissSign Silver CA - G2
+ + Taiwan GRCA
+ + thawte Primary Root CA
+ + TURKTRUST Certificate Services Provider Root 1
+ + TURKTRUST Certificate Services Provider Root 2
+ + VeriSign Class 3 Public Primary Certification Authority - G5
+ + Wells Fargo Root CA
+ + XRamp Global CA Root
+ * Removed CA certificates:
+ - mozilla:
+ + Verisign Class 1 Public Primary OCSP Responder
+ + Verisign Class 2 Public Primary OCSP Responder
+ + Verisign Class 3 Public Primary OCSP Responder
+ + Verisign Secure Server OCSP Responder
+
+ -- Philipp Kern <pkern@debian.org> Mon, 07 Apr 2008 18:00:06 +0200
+
+ca-certificates (20070303) unstable; urgency=low
+
+ * New CA certificates:
+ - debconf.org: DebConf
+ - cacert.org: add class3
+
+ -- Fumitoshi UKAI <ukai@debian.or.jp> Sat, 3 Mar 2007 21:21:50 -0800
+
ca-certificates (20040808) unstable; urgency=low
* New CA certificates: