lp://staging/ubuntu/trusty-proposed/ca-certificates
- Get this branch:
- bzr branch lp://staging/ubuntu/trusty-proposed/ca-certificates
Branch merges
Related bugs
Bug #1014640: 12.04/openssl refusing some verisign certified sites | Unknown | Confirmed |
Related blueprints
Branch information
Recent revisions
- 28. By Marc Deslauriers
-
mozilla/
certdata2pem. py: Work around openssl issue by shipping both
versions of the same signed roots. Previously, the script would simply
overwrite the first one found in the certdata.txt with the later one
since they both have the same CKA_LABEL, resulting in identical
filenames. (LP: #1014640) - 27. By Michael Shuler
-
* Add ca-certificates
-local source package example to documentation
* Update local certificate handling in README.Debian.
Closes: #718173, LP: #487845
* Update CA inclusion policy for ca-certificates in README.Debian. With
the exception of SPI and CAcert, only those CAs included in Mozilla's
trust store will be included in ca-certificates in Debian.
Closes: #647848, LP: #103074
* Clarify that not all software that uses SSL uses ca-certificates in
README.Debian. Closes: #664769
* Add mozilla/nssckbi.h to source, since certdata.txt no longer contains
a version number.
* Update debian/copyright to "Copyright: Mozilla Contributors" for
mozilla/{certdata. txt,nssckbi. h}.
* Update mozilla/certdata. txt to version 1.94
Certificates added (+) and removed (-):
+ "CA Disig Root R1"
+ "CA Disig Root R2"
+ "China Internet Network Information Center EV Certificates Root"
+ "D-TRUST Root Class 3 CA 2 2009"
+ "D-TRUST Root Class 3 CA 2 EV 2009"
+ "PSCProcert"
+ "Swisscom Root CA 2"
+ "Swisscom Root EV CA 2"
+ "TURKTRUST Certificate Services Provider Root 2007"
- "Equifax Secure eBusiness CA 2"
- "TC TrustCenter Universal CA III" - 26. By Thijs Kinkhorst
-
[ Michael Shuler ]
* Install CAcert root and class3 certificates individually, no longer
installing the concatenation of the two. The individual certificates
are installed as cacert.org_root.crt and cacert.org_class3. crt for ease
of identification. Additionally, this allows openssl maintainers to drop
a problematic patch to c_rehash for handling multi-certificate files.
(see #642314) Closes: #692323
* Update Vcs-* fields for lintian vcs-field-not-canonical
* Update to machine-readable debian/copyright file v1.0[ Thijs Kinkhorst ]
* Drop upgrading code for upgrades from Debian Etch and earlier.
* Remove obsolete debconf.org CA certificate. DebConf now uses an
intermediate certificate signed by SPI. (Closes: #693405)
* Remove obsolete SPI CA certiticate.
* Update Standards-Version: 3.9.4 (no changes needed)
* Clean up man page (LP#: 850997). - 25. By Michael Shuler
-
* Update mozilla/
certdata. txt to version 1.87 Closes: #697366
Certificates removed (-) (none added):
- "TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı"
* Remove unneeded and confusing usage of interest-noawait; remove unneeded
Pre-Depends on dpkg. Thanks to Guillem Jover for the help and patch.
Closes: #537051 - 24. By Michael Shuler
-
[ Don Armstrong ]
* Breaks ca-certificates-java (<<20121112+nmu1); partially fixing #537051.
* Provide update-ca-certificates and update- ca-certificates -fresh
triggers.
* Call the triggers using no-await so that the configuration files from
the newer version of ca-certificates-java are in places before the
upgrade. Closes: #537051.[ Michael Shuler ]
* Add note to previous mozilla/certdata. txt changelog entry to document
CKT_NSS_MUST_VERIFY_ TRUST changes. - 23. By Michael Shuler
-
* Update mozilla/
certdata. txt to version 1.86 Closes: #683728
Certificates added (+) (none removed):
+ "Actalis Authentication Root CA"
+ "Trustis FPS Root CA"
+ "StartCom Certification Authority" (renewal/rehash)
+ "StartCom Certification Authority G2"
+ "Buypass Class 2 Root CA"
+ "Buypass Class 3 Root CA"
+ "TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı"
+ "T-TeleSec GlobalRoot Class 3"
+ "EE Certification Centre Root CA"
* Correct piuparts package remove/purge behavior Closes: #682125
- Remove deletes of /etc/ssl{,/certs} from debian/postrm - 22. By Michael Shuler
-
* Add Polish translation, thanks to Michał Kułach. Closes: #660002
* Add Turkish translation, thanks to Atila KOÇ. Closes: #661785
* Correct update-ca-certificates (8) alignment Closes: #666932
* Add note to update-ca-certificates (8) about .crt extension needed for
CA certificates in /usr/local/share/ca- certificates Closes: #595279
* Update mozilla/certdata. txt to version 1.83
Mozilla Public License updated to v2.0
(no added/removed CAs)
* Update debian/copyright to:
- reflect MPL v2.0 update for mozilla/certdata. txt
- specify GPL-2 instead of GPL symlink
* Update debian/NEWS with added/removed certs from 20111211 and 20120212
* Update to Standards-Version: 3.9.3 (no changes needed) - 21. By Michael Shuler
-
* Update mozilla/
certdata. txt to version 1.81
Certificates added (+) and removed (-):
+ "Security Communication RootCA2"
+ "EC-ACC"
+ "Hellenic Academic and Research Institutions RootCA 2011"
- "Verisign Class 2 Public Primary Certification Authority"
- "Verisign Class 4 Public Primary Certification Authority - G2"
- "TC TrustCenter, Germany, Class 2 CA"
- "TC TrustCenter, Germany, Class 3 CA"
* Add notice to README.Debian deprecating CA inclusions and refer to
#647848 for Debian CA Certificate Policy discussion. - 20. By Michael Shuler
-
* Clarify CA audit note in package description and README.debian. Thanks
to C.J. Adams-Collier for the patch. Closes: #594383
* Remove French Government IGC/A CA certificates. The RSA certificate is
included in the Mozilla bundle and the DSA certificate is not in use.
Closes: #646767
* Remove expired signet.pl CAs. Closes: #647849
* Remove expired brasil.gov.br CA.
* Edit 20111025 changelog/NEWS entries to correctly list installed CAs
* Use 'set -e' in body of debian/postinst
* Update mozilla/certdata. txt to version 1.80
(no added/removed CAs)
* Update mozilla/certdata2pem. py to parse NETSCAPE or NSS data
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp://staging/ubuntu/utopic/ca-certificates