X-Git-Url: https://git.donarmstrong.com/?a=blobdiff_plain;f=debian%2Fchangelog;h=06d6b0d3f05aa5aab5fd0ab9dcd3a38399be4277;hb=ae03cea72e176c15c832dcfd44f03f4a558d85c4;hp=8a55e4a86c37bf7d839b9697f66a0a9158c4bedd;hpb=200592bf79b7260048ceb1a3265167d93576ab7a;p=ca-certificates.git diff --git a/debian/changelog b/debian/changelog index 8a55e4a..06d6b0d 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,21 +1,68 @@ -ca-certificates (20111022.1) UNRELEASED; urgency=low +ca-certificates (20111025.4) UNRELEASED; urgency=low - TODO: set version to release date, unstable, and delete this line + * Clarify CA audit note in package description and README.debian. Thanks + to C.J. Adams-Collier for the patch. Closes: #594383 + * Remove French Government IGC/A CA certificates. The RSA certificate is + included in the Mozilla bundle and the DSA certificate is not in use. + Closes: #646767 + * Remove expired signet.pl CAs. Closes: #647849 + * Remove expired brasil.gov.br CA. + * Edit 20111025 changelog/NEWS entries to correctly list installed CAs + * Use 'set -e' in body of debian/postinst + * Update mozilla/certdata.txt to primary Mozilla repository version 1.80 + (no added/removed CAs) + ! TODO: update mozilla/certdata2pem.py to grok [NETSCAPE||NSS]... + + -- Michael Shuler Sun, 11 Dec 2011 15:00:20 -0600 + +ca-certificates (20111025) unstable; urgency=low [ Michael Shuler ] * Add 3.0 (native) source format * Add Vcs-Git/Browser fields * Add myself as new Maintainer with Uploaders Closes: #588219 - * Update mozilla certdata.txt file to the latest version - Removed: - - - Added: - - - Changed: - - - * - - -- Michael Shuler Sun, 23 Oct 2011 14:13:58 -0500 + * Update mozilla/certdata.txt to latest (NSS branch version 1.64.2.13) + Certificates added (+) and removed (-): + + "AffirmTrust Commercial" + + "AffirmTrust Networking" + + "AffirmTrust Premium" + + "AffirmTrust Premium ECC" + + "A-Trust-nQual-03" + + "Certinomis - Autorité Racine" + + "Certum Trusted Network CA" + + "Go Daddy Root Certificate Authority - G2" + + "Root CA Generalitat Valenciana" + + "Starfield Root Certificate Authority - G2" + + "Starfield Services Root Certificate Authority - G2" + + "TWCA Root Certification Authority" + - "AOL Time Warner Root Certification Authority 1" + - "AOL Time Warner Root Certification Authority 2" + - "DigiNotar Root CA" + - "Entrust.net Global Secure Personal CA" + - "Entrust.net Global Secure Server CA" + - "Entrust.net Secure Personal CA" + - "IPS Chained CAs root" + - "IPS CLASE1 root" + - "IPS CLASE3 root" + - "IPS CLASEA1 root" + - "IPS CLASEA3 root" + - "IPS Timestamping root" + - "Thawte Personal Freemail CA" + - "Thawte Time Stamping CA" + * Update CAcert-Class 3-Subroot-certificate Closes: #630232 + + [ Steve Langasek ] + * sbin/update-ca-certificates: move the ca-certificates.crt bundle out of + the way before calling c_rehash, so that symlinks don't accidentally get + pointed here, breaking openssl certificate verification LP: #854927 + + [ Loïc Minier ] + * Drop bogus c_rehash on upgrades, which caused issue when + ca-certificates.crt was still in place; instead, call + update-ca-certificates --fresh on upgrades to this version, and + the usual update-ca-certificates otherwise Closes: #643667, #537382 + + -- Michael Shuler Tue, 25 Oct 2011 09:12:10 -0500 ca-certificates (20111022) unstable; urgency=low