ca-certificates_20090814~bpo50+1_i386.changes is NEW

To: Holger Levsen <holger@debian.org>, Philipp Kern <pkern@debian.org>
Subject: ca-certificates_20090814~bpo50+1_i386.changes is NEW
From: Backports.org archive Installer <installer@backports.org>
Date: Sat, 23 Jan 2010 14:32:03 +0100 (CET)
Message-id: <[🔎] 20100123133203.89C9A292A30A1@www.backports.org>

(new) ca-certificates_20090814~bpo50+1.dsc optional misc
(new) ca-certificates_20090814~bpo50+1.tar.gz optional misc
(new) ca-certificates_20090814~bpo50+1_all.deb optional misc
Common CA certificates
 This package includes PEM files of CA certificates to allow SSL-based
 applications to check for the authenticity of SSL connections.
 .
 It includes, among others, certificate authorities used by the Debian
 infrastructure and those shipped with Mozilla's browsers.
 .
 Please note that certificate authorities whose certificates are
 included in this package are not in any way audited for
 trustworthiness and RFC 3647 compliance, and that full responsibility
 to assess them belongs to the local system administrator.
Changes: ca-certificates (20090814~bpo50+1) lenny-backports; urgency=low
 .
  * Rebuild for lenny-backports, no changes needed.
 .
ca-certificates (20090814) unstable; urgency=low
 .
  * Call Debconf and its db_purge as early as possible in postrm.
    (Closes: #541275)
 .
ca-certificates (20090709) unstable; urgency=low
 .
  * Fix purge by checking for `/etc/ssl/certs' first.  (Closes: #536331)
 .
ca-certificates (20090708) unstable; urgency=low
 .
  * Removed CA files:
    - cacert.org/root.crt and cacert.org/class3.crt:
      Both certificate files were deprecated with 20080809.  Users of these
      root certificates are encouraged to switch to
      `cacert.org/cacert.org.crt' which contains both class 1 and class 3
      roots joined in a single file.
    - quovadis.bm/QuoVadis_Root_Certification_Authority.crt:
      This certificate has been added into the Mozilla truststore and
      is available as `mozilla/QuoVadis_Root_CA.crt'.
  * Do not redirect c_rehash error messages to /dev/null.
    (Closes: #495224)
  * Remove dangling symlinks on purge, which also gets rid of the hash
    symlink for ca-certificates.crt.  (Closes: #475240)
  * Use subshells when grepping for certificates in config, avoiding
    SIGPIPE because of grep's immediate exit after it finds the pattern.
    (Closes: #486737)
  * Fix VERBOSE_ARG usage in update-ca-certificates.  Thanks to
    Robby Workman of Slackware.
  * Updated Standards-Version and FSF portal address in the copyright file.
 .
ca-certificates (20090701) unstable; urgency=low
 .
  * Reactivated "Equifax Secure Global eBusiness CA".  (Closes: #534674)
    Rationale: The rogue collision CA has its validity period in the past.
    Thus it does not impose a risk upon us at the moment.
  * Restrict search for local certificates to add on files ending with '.crt'.
  * Canonicalize PEM names by applying the same set of substitions to
    local and other certificates like the Mozilla certdata dumper does.
 .
ca-certificates (20090624) unstable; urgency=low
 .
  * Allow local certificate installation.  All certificates found
    in `/usr/local/share/ca-certificates' will be automatically added
    to the list of trusted certificates in `/etc/ssl/certs'.
    (Closes: #352637, #419491, #473677, #476663, #511150)
  * Updated Mozilla certificates from nss 3.12.3-1 (certdata.txt revision
    1.51):
    + COMODO ECC Certification Authority
    + DigiNotar Root CA
    + Network Solutions Certificate Authority
    + WellsSecure Public Root Certificate Authority
    - Equifax Secure Global eBusiness CA
    - UTN USERFirst Object Root CA
  * Reimplemented the Mozilla certdata parser mainly to exclude explicitly
    untrusted certificates.  This led to the exclusion of the
    "MD5 Collisions Forged Rogue CA 23c3" and its parent
    "Equifax Secure Global eBusiness CA".  Furthermore code signing-only
    certificates are no longer included neither.
  * Remove the purging of old PEM files in postinst dating back to
    versions earlier than 20030414.
  * Hooks are now called at every invocation of `update-ca-certificates'.
    If no changes were done to `/etc/ssl/certs', the input for the
    hooks will be empty, though.  Failure exit codes of hooks will not
    tear down the upgrade process anymore.  They are printed but ignored.
 .
ca-certificates (20081127) unstable; urgency=low
 .
  * Remove /etc/ssl{,/certs} in postrm to please piuparts.  (Closes:
    #454334)


Override entries for your package:

Announcing to backports-changes@lists.backports.org


Your package contains new components which requires manual editing of
the override file.  It is ok otherwise, so please be patient.  New
packages are usually added to the override file about once a week.

You may have gotten the distribution wrong.  You'll get warnings above
if files already exist in other distributions.

Reply to:

Prev by Date: [Backports-queue] Processing of ca-certificates_20090814~bpo50+1_i386.changes
Next by Date: [Backports-queue] Processing of jed_0.99.19-1~bpo50+1_i386.changes
Previous by thread: [Backports-queue] Processing of ca-certificates_20090814~bpo50+1_i386.changes
Next by thread: [Backports-queue] Processing of jed_0.99.19-1~bpo50+1_i386.changes
Index(es):
- Date
- Thread