X-Git-Url: https://git.donarmstrong.com/?a=blobdiff_plain;f=debian%2Fchangelog;h=06d6b0d3f05aa5aab5fd0ab9dcd3a38399be4277;hb=ae03cea72e176c15c832dcfd44f03f4a558d85c4;hp=ab517b6bba1965cc9d1cc762b413674b3c499330;hpb=e8469775905475f85f81fa96170e91c927722cb5;p=ca-certificates.git diff --git a/debian/changelog b/debian/changelog index ab517b6..06d6b0d 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,69 @@ +ca-certificates (20111025.4) UNRELEASED; urgency=low + + * Clarify CA audit note in package description and README.debian. Thanks + to C.J. Adams-Collier for the patch. Closes: #594383 + * Remove French Government IGC/A CA certificates. The RSA certificate is + included in the Mozilla bundle and the DSA certificate is not in use. + Closes: #646767 + * Remove expired signet.pl CAs. Closes: #647849 + * Remove expired brasil.gov.br CA. + * Edit 20111025 changelog/NEWS entries to correctly list installed CAs + * Use 'set -e' in body of debian/postinst + * Update mozilla/certdata.txt to primary Mozilla repository version 1.80 + (no added/removed CAs) + ! TODO: update mozilla/certdata2pem.py to grok [NETSCAPE||NSS]... + + -- Michael Shuler Sun, 11 Dec 2011 15:00:20 -0600 + +ca-certificates (20111025) unstable; urgency=low + + [ Michael Shuler ] + * Add 3.0 (native) source format + * Add Vcs-Git/Browser fields + * Add myself as new Maintainer with Uploaders Closes: #588219 + * Update mozilla/certdata.txt to latest (NSS branch version 1.64.2.13) + Certificates added (+) and removed (-): + + "AffirmTrust Commercial" + + "AffirmTrust Networking" + + "AffirmTrust Premium" + + "AffirmTrust Premium ECC" + + "A-Trust-nQual-03" + + "Certinomis - Autorité Racine" + + "Certum Trusted Network CA" + + "Go Daddy Root Certificate Authority - G2" + + "Root CA Generalitat Valenciana" + + "Starfield Root Certificate Authority - G2" + + "Starfield Services Root Certificate Authority - G2" + + "TWCA Root Certification Authority" + - "AOL Time Warner Root Certification Authority 1" + - "AOL Time Warner Root Certification Authority 2" + - "DigiNotar Root CA" + - "Entrust.net Global Secure Personal CA" + - "Entrust.net Global Secure Server CA" + - "Entrust.net Secure Personal CA" + - "IPS Chained CAs root" + - "IPS CLASE1 root" + - "IPS CLASE3 root" + - "IPS CLASEA1 root" + - "IPS CLASEA3 root" + - "IPS Timestamping root" + - "Thawte Personal Freemail CA" + - "Thawte Time Stamping CA" + * Update CAcert-Class 3-Subroot-certificate Closes: #630232 + + [ Steve Langasek ] + * sbin/update-ca-certificates: move the ca-certificates.crt bundle out of + the way before calling c_rehash, so that symlinks don't accidentally get + pointed here, breaking openssl certificate verification LP: #854927 + + [ Loïc Minier ] + * Drop bogus c_rehash on upgrades, which caused issue when + ca-certificates.crt was still in place; instead, call + update-ca-certificates --fresh on upgrades to this version, and + the usual update-ca-certificates otherwise Closes: #643667, #537382 + + -- Michael Shuler Tue, 25 Oct 2011 09:12:10 -0500 + ca-certificates (20111022) unstable; urgency=low * QA upload.