1 ca-certificates (20081127) unstable; urgency=low
3 * Remove /etc/ssl{,/certs} in postrm to please piuparts. (Closes:
6 -- Philipp Kern <pkern@debian.org> Thu, 27 Nov 2008 19:13:17 +0100
8 ca-certificates (20080809) unstable; urgency=low
10 * New cacert.org.pem joining both CACert Class 1 and Class 3 certificates.
11 This file can be used for proper certificate chaining if CACert
12 server certificates are used. The old class3.pem and root.pem
13 certificates are deprecated. This new file could safely serve as
14 a replacement for both. (Closes: #494343)
15 * This also reintroduces the old name for the CACert certificate,
16 thus closing a long-standing bug about its rename to root.crt.
19 -- Philipp Kern <pkern@debian.org> Sat, 09 Aug 2008 14:58:24 -0300
21 ca-certificates (20080617) unstable; urgency=low
23 * Added French Government's IGC/A CA (both DSA and RSA).
26 -- Philipp Kern <pkern@debian.org> Mon, 23 Jun 2008 20:55:53 +0200
28 ca-certificates (20080616) unstable; urgency=low
30 * Fix installation on pt_BR locales. The problem was caused by the
31 .templates choices strings being marked for translation, with pt_BR
32 being the only language which actually translated them. Thanks to
33 Ubuntu for the fix, which needs to be around until Lenny is released
34 or six months have passed, whichever is later. (Closes: #472507)
35 * Drop Fumitoshi from the list of maintainers. Farewell!
36 * Bump Standards-Version to 3.8.0.
38 -- Philipp Kern <pkern@debian.org> Mon, 16 Jun 2008 17:41:50 +0200
40 ca-certificates (20080514) unstable; urgency=medium
42 * Added the new SPI CA certificate, created in response to the latest
43 openssl security update.
44 * Removed old SPI CA certificates (2006, 2007) as CAs cannot be
45 revoked sensibly. Expired CA created in 2003, expired in 2007 left
47 * Updated the Galician translation, thanks to Glennie Vignarajah.
50 -- Philipp Kern <pkern@debian.org> Wed, 14 May 2008 10:03:42 +0200
52 ca-certificates (20080411) unstable; urgency=low
54 * Added the current SPI CA certificate, used by Debian's infrastructure.
55 * Added Deutsche Telekom Root CA 2, which is used by German institutions
57 * Updated mozilla certificates from trunk, which led to the following
58 adds (+) and removes (-):
59 + Camerfirma Chambers of Commerce Root
60 + Camerfirma Global Chambersign Root
61 + Certplus Class 2 Primary CA
62 + COMODO Certification Authority
63 + DigiCert Assured ID Root CA
64 + DigiCert Global Root CA
65 + DigiCert High Assurance EV Root CA
68 + Entrust Root Certification Authority
69 + Firmaprofesional Root CA
70 + GeoTrust Global CA 2
71 + GeoTrust Primary Certification Authority
72 + GeoTrust Universal CA
73 + GeoTrust Universal CA 2
74 + GlobalSign Root CA - R2
76 + NetLock Business (Class B) Root
77 + NetLock Express (Class C) Root
78 + NetLock Notary (Class A) Root
79 + NetLock Qualified (Class QA) Root
84 + Starfield Class 2 CA
85 + StartCom Certification Authority
88 + SwissSign Gold CA - G2
89 + SwissSign Platinum CA - G2
90 + SwissSign Silver CA - G2
92 + thawte Primary Root CA
93 + TURKTRUST Certificate Services Provider Root 1
94 + TURKTRUST Certificate Services Provider Root 2
95 + VeriSign Class 3 Public Primary Certification Authority - G5
97 + XRamp Global CA Root
98 - Verisign Class 1 Public Primary OCSP Responder
99 - Verisign Class 2 Public Primary OCSP Responder
100 - Verisign Class 3 Public Primary OCSP Responder
101 - Verisign Secure Server OCSP Responder
102 (Closes: #447062, #456581)
103 * Updated the Russian debconf translation, thanks to Mikhail Gusarov.
105 * Reworded the description and made it static to ease translations.
106 * Reworded and amended README.Debian.
107 * Added myself to the uploaders of this package.
108 * Applied a patch by Martin F. Krafft to support hooks scripts
109 on add/remove of a certificate. (Closes: #377314)
111 -- Philipp Kern <pkern@debian.org> Sat, 12 Apr 2008 17:35:26 +0200
113 ca-certificates (20070303-0.1) unstable; urgency=low
115 * Non-maintainer upload to fix longstanding pending l10n issues.
116 * Debconf templates and debian/control reviewed by the debian-l10n-
117 english team as part of the Smith review project.
118 Closes: #432249, #434789
119 * Debconf translation updates:
120 - Japanese. Closes:#433067
121 - Basque. Closes: #433074
122 - Spanish. Closes: #433078
123 - Czech. Closes: #433100
124 - Galician. Closes: #433215
125 - Russian. Closes: #433224
126 - Swedish. Closes: #433432
127 - Vietnamese. Closes: #433792, #427000, #434992
128 - Dutch. Closes: #434670
129 - German. Closes: #434788
130 - Italian. Closes: #435029
131 * Portuguese. Closes: #435471
132 * Finnish. Closes: #448826
133 * Remove /etc/ssl when purging the package (only if that
134 directory is empty). Closes: #454334
135 * [Lintian] Give a reference to the GPL text in debian/copyright
136 * [Lintian] No longer ignore errors from "make clean"
137 * [Lintian] Upgrade debhelper compatibility to 4 (with debian/compat).
139 -- Christian Perrier <bubulle@debian.org> Thu, 14 Feb 2008 19:52:37 +0100
141 ca-certificates (20070303) unstable; urgency=low
143 * Add debconf.org crt. closes: Bug#342088
144 * Add cacert class3 crt. closes: Bug#350282
145 * Add debian/po/pt.po. closes: Bug#408183
146 * Update debian/po/ru.po. closes: Bug#410770
147 * Update debian/po/pt_BR.po. closes: Bug#403824
148 * Add debian/po/gl.po. closes: Bug#407951
150 -- Fumitoshi UKAI <ukai@debian.or.jp> Sun, 4 Mar 2007 14:12:23 +0900
152 ca-certificates (20061027.2) unstable; urgency=low
154 * Non-maintainer upload to fix an RC issue revealed by the last NMU.
155 * Avoid cd to /etc/ssl/certs to removing hash symlinks
158 -- Christian Perrier <bubulle@debian.org> Fri, 2 Feb 2007 07:23:27 +0100
160 ca-certificates (20061027.1) unstable; urgency=low
162 * Non-maintainer upload to fix remaining l10n issues
163 * Debconf translation updates:
164 - Czech. Closes: #407807
165 - Spanish. Closes: #401968
166 - German. Closes: #396942
167 * Add debconf-updatepo to the clean target in debian/rules
168 to guarantee up-to-date PO(T) files
170 -- Christian Perrier <bubulle@debian.org> Mon, 22 Jan 2007 18:56:53 +0100
173 ca-certificates (20061027) unstable; urgency=low
175 * sbin/update-ca-certificates:
176 in fresh mode, rm symlinks only point to /usr/share/ca-certificates.
177 preserve other symlinks. closes: Bug#387089
178 * debian/po/nl.po: updated
180 * debian/po/fr.po: updated
182 * debian/po/da.po: updated
185 -- Fumitoshi UKAI <ukai@debian.or.jp> Sat, 28 Oct 2006 02:28:50 +0900
187 ca-certificates (20060816) unstable; urgency=low
189 * debian/control: explicitly mention that trustworthiness of certificate
190 authorities is not evaluated.
192 * debian/templates: refine messages
194 * debian/postinst: remove tailing spaces to avoid unnecessary dpkg-old file.
196 * debian/control: libssl0.9.7->libssl0.9.8
198 * debian/postrm: remove .dpkg-old files
200 * debian/README.Debian: fix
202 * debian/postinst: fix typo
204 * debian/po/sv.po: added
206 * debian/po/es.po: added
208 * add new SPI CA certificate
209 submitted by Michael C. Schultheiss <schultmc@debian.org>
211 -- Fumitoshi UKAI <ukai@debian.or.jp> Thu, 17 Aug 2006 13:12:27 +0900
213 ca-certificates (20050804) unstable; urgency=low
215 * use ${misc:Depends} in debian/control for debconf
216 * update description in debian/control
218 * update debian/po/vi.po
220 * update debian/po/de.po
223 -- Fumitoshi UKAI <ukai@debian.or.jp> Thu, 4 Aug 2005 01:29:38 +0900
225 ca-certificates (20050518) unstable; urgency=high
227 * fix ca-certificates.crt generationumask-sensitive and racy
229 * update mozilla/certdata.txt
230 add: "Certum Root CA", "Comodo AAA Services root"
231 "Comodo Secure Services root",
232 "Comodo Trusted Services root",
233 "IPS Chained CAs root", "IPS CLASE1 root", "IPS CLASE3 root",
234 "IPS CLASEA1 root", "IPS CLASEA3 root", "IPS Servidores root"
235 "IPS Timestamping root",
237 "Security Communication Root CA",
238 "Sonera Class 1 Root CA", "Sonera Class 2 Root CA",
239 "Staat der Nederlanden Root CA",
240 "TDC Internet Root CA", "TDC OCES Root CA",
241 "UTN DATACorp SGC Root CA", "UTN USERFirst Email Root CA",
242 "UTN USERFirst Hardware Root CA", "UTN USERFirst Object Root CA"
243 * add CACert.org's Root CA
244 closes: Bug#213086, Bug#288293
245 * add debian/po/vi.po
247 * add debian/po/cs.po
249 * write "How certificate will be accepted in ca-certificates package"
252 -- Fumitoshi UKAI <ukai@debian.or.jp> Wed, 18 May 2005 00:40:54 +0900
254 ca-certificates (20040809) unstable; urgency=low
256 * previous version was not fixed Bug#255933 correctly.
257 update-ca-certificates now remove symlinks of deselected entries
258 in ca-certificates.conf
261 -- Fumitoshi UKAI <ukai@debian.or.jp> Mon, 9 Aug 2004 03:23:20 +0900
263 ca-certificates (20040808) unstable; urgency=low
265 * run update-ca-certificates by /bin/sh -e
267 * update-ca-certificates remove symlinks of deselected entries
268 in ca-certificates.conf
270 * change default of trust_new_crts from 'ask' to 'yes'
271 closes: Bug#218838, Bug#221527, Bug#236675, Bug#247509
272 * refer libssl0.9.7 instead of libssl0.9.6 in Enhances:
274 * add brasil.gov.br certs
276 * add Signet CA Roots certs
278 * add QuoVadis CA Roots certs
290 * fix quote characters in template
292 * remove debian.org, because certs used in db.debian.org has been
293 revoked due to debian.org crack incidents.
294 db.debian.org uses certificates using spi-inc.org Root CA.
296 -- Fumitoshi UKAI <ukai@debian.or.jp> Sun, 8 Aug 2004 10:58:30 +0900
298 ca-certificates (20031007.1) unstable; urgency=low
301 * Add brasil.gov.br/brasil.gov.br.crt, created from
302 http://www.icpbrasil.gov.br/certificadoACRaiz.crt
303 * Add debian/po/pt_BR.po: closes: Bug#224612
305 -- Otavio Salvador <otavio@debian.org> Thu, 5 Aug 2004 12:16:26 -0300
307 ca-certificates (20031007) unstable; urgency=low
309 * add debian/po/ru.po: closes: Bug#214371
311 -- Fumitoshi UKAI <ukai@debian.or.jp> Tue, 7 Oct 2003 03:06:06 +0900
313 ca-certificates (20030924) unstable; urgency=low
315 * add debian/po/ja.po: closes: Bug#212565
317 -- Fumitoshi UKAI <ukai@debian.or.jp> Wed, 24 Sep 2003 22:09:09 +0900
319 ca-certificates (20030916) unstable; urgency=low
321 * add debian/po/fr.po: closes: Bug#211224, Bug#206769
322 * debian/config: if new cert is asked, don't ask all available certs
325 -- Fumitoshi UKAI <ukai@debian.or.jp> Wed, 17 Sep 2003 02:12:14 +0900
327 ca-certificates (20030915) unstable; urgency=low
329 * debian/config.in: fix typo. closes: Bug#190990
330 * add option for new CA certificates. closes: Bug#190989
331 * switch to gettext-based debconf templates. closes: Bug#205782
332 * update mozilla/certdata.txt from mozilla 1.4 release
334 -- Fumitoshi UKAI <ukai@debian.or.jp> Mon, 15 Sep 2003 01:15:04 +0900
336 ca-certificates (20030420) unstable; urgency=low
338 * add README.Debian and update-ca-certificates(8). closes: Bug#189604
339 * fix broken English in debconf template. closes: Bug#189606
340 * don't remove symlinks in /etc/ssl/certs. closes: Bug#189607
341 * preserve comments in /etc/ca-certificates.conf when upgrading.
344 -- Fumitoshi UKAI <ukai@debian.or.jp> Mon, 21 Apr 2003 00:06:01 +0900
346 ca-certificates (20030415) unstable; urgency=medium
348 * fix upgrade problem
349 closes: Bug#188938, Bug#188940
352 -- Fumitoshi UKAI <ukai@debian.or.jp> Mon, 14 Apr 2003 23:00:58 +0900
354 ca-certificates (20030414) unstable; urgency=medium
356 * certificates are installed in /usr/share/ca-certificates
357 you can find md5sum of certs files. closes: Bug#170777
359 * debconf to generate /etc/ca-certificates.conf
360 * update-ca-certificates update /etc/ssl/certs according
361 /etc/ca-certificates.conf
362 It also generate /etc/ssl/certs/ca-certificates.crt
363 which is single-file version of certs.
366 * change extension from .pem to .crt in /usr/share/ca-certificates
368 application/x-x509-ca-cert crt
369 but it will be hardlink or copied in /etc/ssl/certs with .pem
370 extension by update-ca-certificates.
371 c_rehash requires .pem extension
373 * Update certificate from mozilla 2:1.3-4
374 mozilla/security/nss/lib/ckfw/builtins/certdata.txt
375 cefd05b299ea683fc6b1ce9ff1e23a3f mozilla/certdata.txt
377 * Add spi-inc.org/spi-ca.crt from http://www.spi-inc.org/secretary/
378 33922a1660820e44812e7ddc392878cb spi-inc.org/spi-ca.crt
379 % openssl x509 -in spi-inc.org/spi-ca.crt -fingerprint -noout
380 MD5 Fingerprint=ED:85:3A:FD:32:43:13:73:91:4D:94:06:C4:10:EB:E5
382 -- Fumitoshi UKAI <ukai@debian.or.jp> Mon, 14 Apr 2003 00:02:48 +0900
384 ca-certificates (20020323) unstable; urgency=low
386 * Moved from non-US to main now that openssl has moved there.
388 -- Fumitoshi UKAI <ukai@debian.or.jp> Sun, 24 Mar 2002 03:11:54 +0900
390 ca-certificates (20020208) unstable; urgency=low
392 * add db.debian.org certificate
394 -- Fumitoshi UKAI <ukai@debian.or.jp> Fri, 8 Feb 2002 23:46:11 +0900
396 ca-certificates (20020112) unstable; urgency=low
398 * upload to non-US instead of main, because it depends on openssl
399 (it uses c_rehash in openssl in maintainer scripts)
401 -- Fumitoshi UKAI <ukai@debian.or.jp> Sun, 13 Jan 2002 04:30:28 +0900
403 ca-certificates (20020107) unstable; urgency=low
405 * Initial Release. closes: Bug#126586
407 -- Fumitoshi UKAI <ukai@debian.or.jp> Mon, 7 Jan 2002 21:16:51 +0900