1 ca-certificates (20111022.1) UNRELEASED; urgency=low
3 TODO: set version to release date, unstable, and delete this line
6 * Add 3.0 (native) source format
7 * Add Vcs-Git/Browser fields
8 * Add myself as new Maintainer with Uploaders Closes: #588219
9 * Update mozilla/certdata.txt to latest (NSS branch version 1.64.2.13)
10 Certificates added (+) and removed (-):
11 + "AffirmTrust Commercial"
12 + "AffirmTrust Networking"
13 + "AffirmTrust Premium"
14 + "AffirmTrust Premium ECC"
16 + "Bogus Global Trustee"
21 + "Bogus Mozilla Addons"
26 + "Certinomis - Autorité Racine"
27 + "Certum Trusted Network CA"
28 + "Explicitly Distrust DigiNotar Cyber CA"
29 + "Explicitly Distrust DigiNotar Cyber CA 2nd"
30 + "Explicitly Distrust DigiNotar Root CA"
31 + "Explicitly Distrust DigiNotar Services 1024 CA"
32 + "Explicitly Distrusted DigiNotar PKIoverheid"
33 + "Explicitly Distrusted DigiNotar PKIoverheid G2"
34 + "Go Daddy Root Certificate Authority - G2"
35 + "Root CA Generalitat Valenciana"
36 + "Starfield Root Certificate Authority - G2"
37 + "Starfield Services Root Certificate Authority - G2"
38 + "TWCA Root Certification Authority"
39 - "AOL Time Warner Root Certification Authority 1"
40 - "AOL Time Warner Root Certification Authority 2"
42 - "Entrust.net Global Secure Personal CA"
43 - "Entrust.net Global Secure Server CA"
44 - "Entrust.net Secure Personal CA"
45 - "IPS Chained CAs root"
50 - "IPS Timestamping root"
51 - "Thawte Personal Freemail CA"
52 - "Thawte Time Stamping CA"
55 -- Michael Shuler <michael@pbandjelly.org> Sun, 23 Oct 2011 16:56:46 -0500
57 ca-certificates (20111022) unstable; urgency=low
60 * Fix pending l10n issues. Debconf translations:
61 - German (Helge Kreutzmann). Closes: #634000
62 - French (Christian Perrier). Closes: #634092
63 - Russian (Yuri Kozlov). Closes: #635146
64 - Swedish (Martin Bagge / brother). Closes: #640622
65 - Slovak (Slavko). Closes: #641987
66 - Spanish; (Javier Fernández-Sanguino). Closes: #642359
67 - Japanese (Kenshi Muto). Closes: #644828
68 - Czech (Miroslav Kure). Closes: #644843
69 - Danish (Joe Hansen). Closes: #644854
70 - Italian (Luca Monducci). Closes: #645004
71 - Dutch; (Jeroen Schot). Closes: #645090
72 - Portuguese (Miguel Figueiredo). Closes: #645126
73 - Galician (Jorge Barreiro). Closes: #645138
74 - Catalan; (Jordi Mallach). Closes: #645182
75 - Brazilian Portuguese (Adriano Rafael Gomes). Closes: #645526
76 * Split Choices in debconf templates
77 * Add build-arch and build-indep build targets
78 * Bump debhelper compatibility level to 8
79 * Bump Standards to 3.9.2 (checked)
80 * Replace "dh_clean -k" by dh_prep
82 -- Christian Perrier <bubulle@debian.org> Sat, 22 Oct 2011 14:24:00 +0200
84 ca-certificates (20110502+nmu1) unstable; urgency=high
86 * Non-maintainer upload by the Security Team.
87 * Blacklist "DigiNotar Root CA" (Closes: #639744)
89 -- Raphael Geissert <geissert@debian.org> Tue, 30 Aug 2011 21:00:55 -0500
91 ca-certificates (20110502) unstable; urgency=low
94 * Mark the package as multi-arch:foreign. (Closes: #622323)
95 * Use db_settitle in config script to allow translations of the
96 dialog title; thanks to Frans Pop. (Closes: #560314)
98 -- Philipp Kern <pkern@debian.org> Mon, 02 May 2011 19:27:50 +0200
100 ca-certificates (20110421) unstable; urgency=low
103 * Package is orphaned, set maintainer to QA group
104 * Depend on openssl 1.0.0 and force a call of c_rehash so that we have
105 both the old and new style of symlinks. (Closes: #611102)
106 * Remove libssl0.9.8 from enhances
107 * Update mozilla certdata.txt file to the latest version.
109 - ABAecom_=sub.__Am._Bankers_Assn.=_Root_CA.crt
110 - beTRUSTed_Root_CA-Baltimore_Implementation.crt
111 - beTRUSTed_Root_CA.crt
112 - beTRUSTed_Root_CA_-_Entrust_Implementation.crt
113 - beTRUSTed_Root_CA_-_RSA_Implementation.crt
114 - Digital_Signature_Trust_Co._Global_CA_2.crt
115 - Digital_Signature_Trust_Co._Global_CA_4.crt
116 - Entrust.net_Global_Secure_Personal_CA.crt
117 - Entrust.net_Global_Secure_Server_CA.crt
118 - Entrust.net_Secure_Personal_CA.crt
119 - GTE_CyberTrust_Root_CA.crt
120 - IPS_Chained_CAs_root.crt
121 - IPS_CLASE1_root.crt
122 - IPS_CLASE3_root.crt
123 - IPS_CLASEA1_root.crt
124 - IPS_CLASEA3_root.crt
125 - IPS_Servidores_root.crt
126 - IPS_Timestamping_root.crt
127 - RSA_Security_1024_v3.crt
129 - Thawte_Personal_Basic_CA.crt
130 - Thawte_Personal_Premium_CA.crt
131 - UTN-USER_First-Network_Applications.crt
132 - Verisign_RSA_Secure_Server_CA.crt
133 - Verisign_Time_Stamping_Authority_CA.crt
134 - Visa_International_Global_Root_2.crt
137 - AC_Raíz_Certicámara_S.A..crt
138 - ApplicationCA_-_Japanese_Government.crt
139 - Autoridad_de_Certificacion_Firmaprofesional_CIF_A62634068.crt
140 - Buypass_Class_2_CA_1.crt
141 - Buypass_Class_3_CA_1.crt
144 - certSIGN_ROOT_CA.crt
145 - Chambers_of_Commerce_Root_-_2008.crt
148 - ComSign_Secured_CA.crt
149 - Cybertrust_Global_Root.crt
150 - Deutsche_Telekom_Root_CA_2.crt
151 - EBG_Elektronik_Sertifika_Hizmet_Sağlayıcısı.crt
152 - E-Guven_Kok_Elektronik_Sertifika_Hizmet_Saglayicisi.crt
153 - ePKI_Root_Certification_Authority.crt
154 - GeoTrust_Primary_Certification_Authority_-_G2.crt
155 - GeoTrust_Primary_Certification_Authority_-_G3.crt
156 - Global_Chambersign_Root_-_2008.crt
157 - GlobalSign_Root_CA_-_R3.crt
158 - Hongkong_Post_Root_CA_1.crt
162 - Microsec_e-Szigno_Root_CA_2009.crt
163 - Microsec_e-Szigno_Root_CA.crt
164 - NetLock_Arany_=Class_Gold=_Főtanúsítvány.crt
165 - OISTE_WISeKey_Global_Root_GA_CA.crt
166 - SecureSign_RootCA11.crt
167 - Security_Communication_EV_RootCA1.crt
168 - Staat_der_Nederlanden_Root_CA_-_G2.crt
169 - S-TRUST_Authentication_and_Encryption_Root_CA_2005_PN.crt
170 - TÜBİTAK_UEKAE_Kök_Sertifika_Hizmet_Sağlayıcısı_-_Sürüm_3.crt
171 - TC_TrustCenter_Class_2_CA_II.crt
172 - TC_TrustCenter_Class_3_CA_II.crt
173 - TC_TrustCenter_Universal_CA_I.crt
174 - TC_TrustCenter_Universal_CA_III.crt
175 - thawte_Primary_Root_CA_-_G2.crt
176 - thawte_Primary_Root_CA_-_G3.crt
177 - VeriSign_Class_3_Public_Primary_Certification_Authority_-_G4.crt
178 - VeriSign_Universal_Root_Certification_Authority.crt
180 - Verisign_Class_1_Public_Primary_Certification_Authority.crt
181 - Verisign_Class_3_Public_Primary_Certification_Authority.crt
182 * Remove telesec.de/deutsche-telekom-root-ca-2.crt, now in mozilla.
183 * String decode the mozilla certdata.txt so the filenames show up as
184 proper UTF-8 strings.
186 -- Kurt Roeckx <kurt@roeckx.be> Thu, 21 Apr 2011 18:56:08 +0200
188 ca-certificates (20090814+nmu3) unstable; urgency=low
190 * Non-maintainer upload.
191 * Fix pending l10n issues. Debconf translations:
192 - French (Christian Perrier). Closes: #594231
193 - Danish (Joe Hansen). Closes: #601129
194 - Catalan (Jordi Mallach). Closes: #601089
195 - Brazilian Portuguese (Adriano Rafael Gomes). Closes: #618633
197 -- Christian Perrier <bubulle@debian.org> Sat, 19 Mar 2011 07:47:00 +0100
199 ca-certificates (20090814+nmu2) unstable; urgency=low
201 * Non-maintainer upload.
202 * Fixes buggy shell functions included in the postinst script.
205 -- Maximiliano Curia <maxy@debian.org> Fri, 13 Aug 2010 20:16:21 -0300
207 ca-certificates (20090814+nmu1) unstable; urgency=low
209 * Non-maintainer upload.
210 * Preserve user changes to the /etc/ca-certificates.conf.
213 -- Maximiliano Curia <maxy@debian.org> Fri, 30 Jul 2010 12:55:28 -0400
215 ca-certificates (20090814) unstable; urgency=low
217 * Call Debconf and its db_purge as early as possible in postrm.
220 -- Philipp Kern <pkern@debian.org> Fri, 14 Aug 2009 11:10:00 +0200
222 ca-certificates (20090709) unstable; urgency=low
224 * Fix purge by checking for `/etc/ssl/certs' first. (Closes: #536331)
226 -- Philipp Kern <pkern@debian.org> Thu, 09 Jul 2009 10:35:39 +0200
228 ca-certificates (20090708) unstable; urgency=low
231 - cacert.org/root.crt and cacert.org/class3.crt:
232 Both certificate files were deprecated with 20080809. Users of these
233 root certificates are encouraged to switch to
234 `cacert.org/cacert.org.crt' which contains both class 1 and class 3
235 roots joined in a single file.
236 - quovadis.bm/QuoVadis_Root_Certification_Authority.crt:
237 This certificate has been added into the Mozilla truststore and
238 is available as `mozilla/QuoVadis_Root_CA.crt'.
239 * Do not redirect c_rehash error messages to /dev/null.
241 * Remove dangling symlinks on purge, which also gets rid of the hash
242 symlink for ca-certificates.crt. (Closes: #475240)
243 * Use subshells when grepping for certificates in config, avoiding
244 SIGPIPE because of grep's immediate exit after it finds the pattern.
246 * Fix VERBOSE_ARG usage in update-ca-certificates. Thanks to
247 Robby Workman of Slackware.
248 * Updated Standards-Version and FSF portal address in the copyright file.
250 -- Philipp Kern <pkern@debian.org> Wed, 08 Jul 2009 23:19:56 +0200
252 ca-certificates (20090701) unstable; urgency=low
254 * Reactivated "Equifax Secure Global eBusiness CA". (Closes: #534674)
255 Rationale: The rogue collision CA has its validity period in the past.
256 Thus it does not impose a risk upon us at the moment.
257 * Restrict search for local certificates to add on files ending with '.crt'.
258 * Canonicalize PEM names by applying the same set of substitions to
259 local and other certificates like the Mozilla certdata dumper does.
261 -- Philipp Kern <pkern@debian.org> Wed, 01 Jul 2009 14:50:00 +0200
263 ca-certificates (20090624) unstable; urgency=low
265 * Allow local certificate installation. All certificates found
266 in `/usr/local/share/ca-certificates' will be automatically added
267 to the list of trusted certificates in `/etc/ssl/certs'.
268 (Closes: #352637, #419491, #473677, #476663, #511150)
269 * Updated Mozilla certificates from nss 3.12.3-1 (certdata.txt revision
271 + COMODO ECC Certification Authority
273 + Network Solutions Certificate Authority
274 + WellsSecure Public Root Certificate Authority
275 - Equifax Secure Global eBusiness CA
276 - UTN USERFirst Object Root CA
277 * Reimplemented the Mozilla certdata parser mainly to exclude explicitly
278 untrusted certificates. This led to the exclusion of the
279 "MD5 Collisions Forged Rogue CA 23c3" and its parent
280 "Equifax Secure Global eBusiness CA". Furthermore code signing-only
281 certificates are no longer included neither.
282 * Remove the purging of old PEM files in postinst dating back to
283 versions earlier than 20030414.
284 * Hooks are now called at every invocation of `update-ca-certificates'.
285 If no changes were done to `/etc/ssl/certs', the input for the
286 hooks will be empty, though. Failure exit codes of hooks will not
287 tear down the upgrade process anymore. They are printed but ignored.
289 -- Philipp Kern <pkern@debian.org> Tue, 24 Jun 2009 21:04:08 +0200
291 ca-certificates (20081127) unstable; urgency=low
293 * Remove /etc/ssl{,/certs} in postrm to please piuparts. (Closes:
296 -- Philipp Kern <pkern@debian.org> Thu, 27 Nov 2008 19:13:17 +0100
298 ca-certificates (20080809) unstable; urgency=low
300 * New cacert.org.pem joining both CACert Class 1 and Class 3 certificates.
301 This file can be used for proper certificate chaining if CACert
302 server certificates are used. The old class3.pem and root.pem
303 certificates are deprecated. This new file could safely serve as
304 a replacement for both. (Closes: #494343)
305 * This also reintroduces the old name for the CACert certificate,
306 thus closing a long-standing bug about its rename to root.crt.
309 -- Philipp Kern <pkern@debian.org> Sat, 09 Aug 2008 14:58:24 -0300
311 ca-certificates (20080617) unstable; urgency=low
313 * Added French Government's IGC/A CA (both DSA and RSA).
316 -- Philipp Kern <pkern@debian.org> Mon, 23 Jun 2008 20:55:53 +0200
318 ca-certificates (20080616) unstable; urgency=low
320 * Fix installation on pt_BR locales. The problem was caused by the
321 .templates choices strings being marked for translation, with pt_BR
322 being the only language which actually translated them. Thanks to
323 Ubuntu for the fix, which needs to be around until Lenny is released
324 or six months have passed, whichever is later. (Closes: #472507)
325 * Drop Fumitoshi from the list of maintainers. Farewell!
326 * Bump Standards-Version to 3.8.0.
328 -- Philipp Kern <pkern@debian.org> Mon, 16 Jun 2008 17:41:50 +0200
330 ca-certificates (20080514) unstable; urgency=medium
332 * Added the new SPI CA certificate, created in response to the latest
333 openssl security update.
334 * Removed old SPI CA certificates (2006, 2007) as CAs cannot be
335 revoked sensibly. Expired CA created in 2003, expired in 2007 left
336 around for reference.
337 * Updated the Galician translation, thanks to Glennie Vignarajah.
340 -- Philipp Kern <pkern@debian.org> Wed, 14 May 2008 10:03:42 +0200
342 ca-certificates (20080411) unstable; urgency=low
344 * Added the current SPI CA certificate, used by Debian's infrastructure.
345 * Added Deutsche Telekom Root CA 2, which is used by German institutions
347 * Updated mozilla certificates from trunk, which led to the following
348 adds (+) and removes (-):
349 + Camerfirma Chambers of Commerce Root
350 + Camerfirma Global Chambersign Root
351 + Certplus Class 2 Primary CA
352 + COMODO Certification Authority
353 + DigiCert Assured ID Root CA
354 + DigiCert Global Root CA
355 + DigiCert High Assurance EV Root CA
358 + Entrust Root Certification Authority
359 + Firmaprofesional Root CA
360 + GeoTrust Global CA 2
361 + GeoTrust Primary Certification Authority
362 + GeoTrust Universal CA
363 + GeoTrust Universal CA 2
364 + GlobalSign Root CA - R2
365 + Go Daddy Class 2 CA
366 + NetLock Business (Class B) Root
367 + NetLock Express (Class C) Root
368 + NetLock Notary (Class A) Root
369 + NetLock Qualified (Class QA) Root
374 + Starfield Class 2 CA
375 + StartCom Certification Authority
378 + SwissSign Gold CA - G2
379 + SwissSign Platinum CA - G2
380 + SwissSign Silver CA - G2
382 + thawte Primary Root CA
383 + TURKTRUST Certificate Services Provider Root 1
384 + TURKTRUST Certificate Services Provider Root 2
385 + VeriSign Class 3 Public Primary Certification Authority - G5
386 + Wells Fargo Root CA
387 + XRamp Global CA Root
388 - Verisign Class 1 Public Primary OCSP Responder
389 - Verisign Class 2 Public Primary OCSP Responder
390 - Verisign Class 3 Public Primary OCSP Responder
391 - Verisign Secure Server OCSP Responder
392 (Closes: #447062, #456581)
393 * Updated the Russian debconf translation, thanks to Mikhail Gusarov.
395 * Reworded the description and made it static to ease translations.
396 * Reworded and amended README.Debian.
397 * Added myself to the uploaders of this package.
398 * Applied a patch by Martin F. Krafft to support hooks scripts
399 on add/remove of a certificate. (Closes: #377314)
401 -- Philipp Kern <pkern@debian.org> Sat, 12 Apr 2008 17:35:26 +0200
403 ca-certificates (20070303-0.1) unstable; urgency=low
405 * Non-maintainer upload to fix longstanding pending l10n issues.
406 * Debconf templates and debian/control reviewed by the debian-l10n-
407 english team as part of the Smith review project.
408 Closes: #432249, #434789
409 * Debconf translation updates:
410 - Japanese. Closes:#433067
411 - Basque. Closes: #433074
412 - Spanish. Closes: #433078
413 - Czech. Closes: #433100
414 - Galician. Closes: #433215
415 - Russian. Closes: #433224
416 - Swedish. Closes: #433432
417 - Vietnamese. Closes: #433792, #427000, #434992
418 - Dutch. Closes: #434670
419 - German. Closes: #434788
420 - Italian. Closes: #435029
421 * Portuguese. Closes: #435471
422 * Finnish. Closes: #448826
423 * Remove /etc/ssl when purging the package (only if that
424 directory is empty). Closes: #454334
425 * [Lintian] Give a reference to the GPL text in debian/copyright
426 * [Lintian] No longer ignore errors from "make clean"
427 * [Lintian] Upgrade debhelper compatibility to 4 (with debian/compat).
429 -- Christian Perrier <bubulle@debian.org> Thu, 14 Feb 2008 19:52:37 +0100
431 ca-certificates (20070303) unstable; urgency=low
433 * Add debconf.org crt. closes: Bug#342088
434 * Add cacert class3 crt. closes: Bug#350282
435 * Add debian/po/pt.po. closes: Bug#408183
436 * Update debian/po/ru.po. closes: Bug#410770
437 * Update debian/po/pt_BR.po. closes: Bug#403824
438 * Add debian/po/gl.po. closes: Bug#407951
440 -- Fumitoshi UKAI <ukai@debian.or.jp> Sun, 4 Mar 2007 14:12:23 +0900
442 ca-certificates (20061027.2) unstable; urgency=low
444 * Non-maintainer upload to fix an RC issue revealed by the last NMU.
445 * Avoid cd to /etc/ssl/certs to removing hash symlinks
448 -- Christian Perrier <bubulle@debian.org> Fri, 2 Feb 2007 07:23:27 +0100
450 ca-certificates (20061027.1) unstable; urgency=low
452 * Non-maintainer upload to fix remaining l10n issues
453 * Debconf translation updates:
454 - Czech. Closes: #407807
455 - Spanish. Closes: #401968
456 - German. Closes: #396942
457 * Add debconf-updatepo to the clean target in debian/rules
458 to guarantee up-to-date PO(T) files
460 -- Christian Perrier <bubulle@debian.org> Mon, 22 Jan 2007 18:56:53 +0100
463 ca-certificates (20061027) unstable; urgency=low
465 * sbin/update-ca-certificates:
466 in fresh mode, rm symlinks only point to /usr/share/ca-certificates.
467 preserve other symlinks. closes: Bug#387089
468 * debian/po/nl.po: updated
470 * debian/po/fr.po: updated
472 * debian/po/da.po: updated
475 -- Fumitoshi UKAI <ukai@debian.or.jp> Sat, 28 Oct 2006 02:28:50 +0900
477 ca-certificates (20060816) unstable; urgency=low
479 * debian/control: explicitly mention that trustworthiness of certificate
480 authorities is not evaluated.
482 * debian/templates: refine messages
484 * debian/postinst: remove tailing spaces to avoid unnecessary dpkg-old file.
486 * debian/control: libssl0.9.7->libssl0.9.8
488 * debian/postrm: remove .dpkg-old files
490 * debian/README.Debian: fix
492 * debian/postinst: fix typo
494 * debian/po/sv.po: added
496 * debian/po/es.po: added
498 * add new SPI CA certificate
499 submitted by Michael C. Schultheiss <schultmc@debian.org>
501 -- Fumitoshi UKAI <ukai@debian.or.jp> Thu, 17 Aug 2006 13:12:27 +0900
503 ca-certificates (20050804) unstable; urgency=low
505 * use ${misc:Depends} in debian/control for debconf
506 * update description in debian/control
508 * update debian/po/vi.po
510 * update debian/po/de.po
513 -- Fumitoshi UKAI <ukai@debian.or.jp> Thu, 4 Aug 2005 01:29:38 +0900
515 ca-certificates (20050518) unstable; urgency=high
517 * fix ca-certificates.crt generationumask-sensitive and racy
519 * update mozilla/certdata.txt
520 add: "Certum Root CA", "Comodo AAA Services root"
521 "Comodo Secure Services root",
522 "Comodo Trusted Services root",
523 "IPS Chained CAs root", "IPS CLASE1 root", "IPS CLASE3 root",
524 "IPS CLASEA1 root", "IPS CLASEA3 root", "IPS Servidores root"
525 "IPS Timestamping root",
527 "Security Communication Root CA",
528 "Sonera Class 1 Root CA", "Sonera Class 2 Root CA",
529 "Staat der Nederlanden Root CA",
530 "TDC Internet Root CA", "TDC OCES Root CA",
531 "UTN DATACorp SGC Root CA", "UTN USERFirst Email Root CA",
532 "UTN USERFirst Hardware Root CA", "UTN USERFirst Object Root CA"
533 * add CACert.org's Root CA
534 closes: Bug#213086, Bug#288293
535 * add debian/po/vi.po
537 * add debian/po/cs.po
539 * write "How certificate will be accepted in ca-certificates package"
542 -- Fumitoshi UKAI <ukai@debian.or.jp> Wed, 18 May 2005 00:40:54 +0900
544 ca-certificates (20040809) unstable; urgency=low
546 * previous version was not fixed Bug#255933 correctly.
547 update-ca-certificates now remove symlinks of deselected entries
548 in ca-certificates.conf
551 -- Fumitoshi UKAI <ukai@debian.or.jp> Mon, 9 Aug 2004 03:23:20 +0900
553 ca-certificates (20040808) unstable; urgency=low
555 * run update-ca-certificates by /bin/sh -e
557 * update-ca-certificates remove symlinks of deselected entries
558 in ca-certificates.conf
560 * change default of trust_new_crts from 'ask' to 'yes'
561 closes: Bug#218838, Bug#221527, Bug#236675, Bug#247509
562 * refer libssl0.9.7 instead of libssl0.9.6 in Enhances:
564 * add brasil.gov.br certs
566 * add Signet CA Roots certs
568 * add QuoVadis CA Roots certs
580 * fix quote characters in template
582 * remove debian.org, because certs used in db.debian.org has been
583 revoked due to debian.org crack incidents.
584 db.debian.org uses certificates using spi-inc.org Root CA.
586 -- Fumitoshi UKAI <ukai@debian.or.jp> Sun, 8 Aug 2004 10:58:30 +0900
588 ca-certificates (20031007.1) unstable; urgency=low
591 * Add brasil.gov.br/brasil.gov.br.crt, created from
592 http://www.icpbrasil.gov.br/certificadoACRaiz.crt
593 * Add debian/po/pt_BR.po: closes: Bug#224612
595 -- Otavio Salvador <otavio@debian.org> Thu, 5 Aug 2004 12:16:26 -0300
597 ca-certificates (20031007) unstable; urgency=low
599 * add debian/po/ru.po: closes: Bug#214371
601 -- Fumitoshi UKAI <ukai@debian.or.jp> Tue, 7 Oct 2003 03:06:06 +0900
603 ca-certificates (20030924) unstable; urgency=low
605 * add debian/po/ja.po: closes: Bug#212565
607 -- Fumitoshi UKAI <ukai@debian.or.jp> Wed, 24 Sep 2003 22:09:09 +0900
609 ca-certificates (20030916) unstable; urgency=low
611 * add debian/po/fr.po: closes: Bug#211224, Bug#206769
612 * debian/config: if new cert is asked, don't ask all available certs
615 -- Fumitoshi UKAI <ukai@debian.or.jp> Wed, 17 Sep 2003 02:12:14 +0900
617 ca-certificates (20030915) unstable; urgency=low
619 * debian/config.in: fix typo. closes: Bug#190990
620 * add option for new CA certificates. closes: Bug#190989
621 * switch to gettext-based debconf templates. closes: Bug#205782
622 * update mozilla/certdata.txt from mozilla 1.4 release
624 -- Fumitoshi UKAI <ukai@debian.or.jp> Mon, 15 Sep 2003 01:15:04 +0900
626 ca-certificates (20030420) unstable; urgency=low
628 * add README.Debian and update-ca-certificates(8). closes: Bug#189604
629 * fix broken English in debconf template. closes: Bug#189606
630 * don't remove symlinks in /etc/ssl/certs. closes: Bug#189607
631 * preserve comments in /etc/ca-certificates.conf when upgrading.
634 -- Fumitoshi UKAI <ukai@debian.or.jp> Mon, 21 Apr 2003 00:06:01 +0900
636 ca-certificates (20030415) unstable; urgency=medium
638 * fix upgrade problem
639 closes: Bug#188938, Bug#188940
642 -- Fumitoshi UKAI <ukai@debian.or.jp> Mon, 14 Apr 2003 23:00:58 +0900
644 ca-certificates (20030414) unstable; urgency=medium
646 * certificates are installed in /usr/share/ca-certificates
647 you can find md5sum of certs files. closes: Bug#170777
649 * debconf to generate /etc/ca-certificates.conf
650 * update-ca-certificates update /etc/ssl/certs according
651 /etc/ca-certificates.conf
652 It also generate /etc/ssl/certs/ca-certificates.crt
653 which is single-file version of certs.
656 * change extension from .pem to .crt in /usr/share/ca-certificates
658 application/x-x509-ca-cert crt
659 but it will be hardlink or copied in /etc/ssl/certs with .pem
660 extension by update-ca-certificates.
661 c_rehash requires .pem extension
663 * Update certificate from mozilla 2:1.3-4
664 mozilla/security/nss/lib/ckfw/builtins/certdata.txt
665 cefd05b299ea683fc6b1ce9ff1e23a3f mozilla/certdata.txt
667 * Add spi-inc.org/spi-ca.crt from http://www.spi-inc.org/secretary/
668 33922a1660820e44812e7ddc392878cb spi-inc.org/spi-ca.crt
669 % openssl x509 -in spi-inc.org/spi-ca.crt -fingerprint -noout
670 MD5 Fingerprint=ED:85:3A:FD:32:43:13:73:91:4D:94:06:C4:10:EB:E5
672 -- Fumitoshi UKAI <ukai@debian.or.jp> Mon, 14 Apr 2003 00:02:48 +0900
674 ca-certificates (20020323) unstable; urgency=low
676 * Moved from non-US to main now that openssl has moved there.
678 -- Fumitoshi UKAI <ukai@debian.or.jp> Sun, 24 Mar 2002 03:11:54 +0900
680 ca-certificates (20020208) unstable; urgency=low
682 * add db.debian.org certificate
684 -- Fumitoshi UKAI <ukai@debian.or.jp> Fri, 8 Feb 2002 23:46:11 +0900
686 ca-certificates (20020112) unstable; urgency=low
688 * upload to non-US instead of main, because it depends on openssl
689 (it uses c_rehash in openssl in maintainer scripts)
691 -- Fumitoshi UKAI <ukai@debian.or.jp> Sun, 13 Jan 2002 04:30:28 +0900
693 ca-certificates (20020107) unstable; urgency=low
695 * Initial Release. closes: Bug#126586
697 -- Fumitoshi UKAI <ukai@debian.or.jp> Mon, 7 Jan 2002 21:16:51 +0900