--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
(requesting unblock, although I am not the maintainer)
Please unblock package ca-certificates-java
ca-certificates-java/20121112+nmu1 provides serious/important fixes
that correct squeeze -> wheezy upgrades using the triggers provided by
ca-certificates (>=20121114), as well as a fix test for dpkg-query in
postinst and correcting library path for softokn3pkg and nsspkg.
Thank you!
- --
Kind regards,
Michael Shuler
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iQIcBAEBCAAGBQJQ+2rtAAoJEKJ4t4H+SyvaM1cQAJA90U4nGkVvGM2NgFuc/gMB
pf+0BphYhvllJt8CgSrPIqnHv+aBHbPitydZ20JzUOBV6ZtY70w5ZVmmn2nfg0cp
t8qkfjnSCEYi3pmC+tThxT5Y+/iSEz24bXLKtS6rXkZsiikYDKDZHzYTfZowRW9z
joKIWWJuBBfNPoqsfbavhJKBAAd4N4S3nfIhuphum0O16k8ceev2VDAVRF/cHixh
EMaYMfehwlQnnlkIDx2eC/mhkUuwY2nfyJdGhYLcKL9waxHSBeTKi/uJZMsd4RxM
RKlLF4UY5GE3BoxaL0eRha+LFYIM8llMsC8apo8qXUIepYWzLVG+4dSS4ntJQYCB
Kly+hmW8/gF0LoylMvIrGENMU0N2WDyArHMCIMXlV7JyCKVB2nzcvv59hHvQust9
ESrSkSjKHsM2ItD0jkhtYr3TdbmY/74W3Q98s/B1Gy92TUzyYrGttrYUfpZyvFv6
NRhaWh27mJE6HA/GQkGsIYaoPpgE9pwBYg5mrsmqR2Ftr7LpNxY9+wIMXtlgQsKI
Ta3+R7xjy7ay8xx8G3wLdn2cn5U5H/hacRuZG+TH3hQcZyIQK4ccTJavg0w1Xmrr
jKfyJyyxKTuDWK1RH0AV+rTfOX/3Xt2J3+2Kl1MnoqQoAXJbEHKmqlGNuo5U9mOo
M1ZFi1iDzjOMPdxCNHg5
=cMgH
-----END PGP SIGNATURE-----
diff -Nru ca-certificates-java-20120721/debian/ca-certificates-java.triggers ca-certificates-java-20121112+nmu1/debian/ca-certificates-java.triggers
--- ca-certificates-java-20120721/debian/ca-certificates-java.triggers 1969-12-31 18:00:00.000000000 -0600
+++ ca-certificates-java-20121112+nmu1/debian/ca-certificates-java.triggers 2012-11-12 20:03:54.000000000 -0600
@@ -0,0 +1 @@
+activate update-ca-certificates
diff -Nru ca-certificates-java-20120721/debian/changelog ca-certificates-java-20121112+nmu1/debian/changelog
--- ca-certificates-java-20120721/debian/changelog 2012-07-21 07:05:01.000000000 -0500
+++ ca-certificates-java-20121112+nmu1/debian/changelog 2012-11-28 17:59:50.000000000 -0600
@@ -1,3 +1,17 @@
+ca-certificates-java (20121112+nmu1) unstable; urgency=low
+
+ * Non-maintainer upload
+ * Fix test for dpkg-query in postinst; there was an extraneous --version
+ here. [Probably don't even need to bother to check for dpkg-query, but
+ why not.] (Closes: #690204)
+ * Library path for softokn3pkg and nsspkg is potentially wrong if there
+ are multiple different paths; fix it.
+ * Do not run the hook if ca-certificates-java has been removed but not
+ purged.
+ * Use the new trigger support provided by ca-certificates (>=20121114).
+
+ -- Don Armstrong <don@debian.org> Mon, 12 Nov 2012 15:45:50 -0800
+
ca-certificates-java (20120721) unstable; urgency=low
* Fix jks-keystore and postinst to work on multi-arch system.
diff -Nru ca-certificates-java-20120721/debian/control ca-certificates-java-20121112+nmu1/debian/control
--- ca-certificates-java-20120721/debian/control 2012-06-08 17:05:19.000000000 -0500
+++ ca-certificates-java-20121112+nmu1/debian/control 2012-11-28 17:43:50.000000000 -0600
@@ -15,7 +15,7 @@
Package: ca-certificates-java
Architecture: all
Multi-Arch: foreign
-Depends: ca-certificates (>= 20090814),
+Depends: ca-certificates (>= 20121114),
${jre:Depends} | java6-runtime-headless,
${misc:Depends},
${nss:Depends}
diff -Nru ca-certificates-java-20120721/debian/jks-keystore.hook.in ca-certificates-java-20121112+nmu1/debian/jks-keystore.hook.in
--- ca-certificates-java-20120721/debian/jks-keystore.hook.in 2012-07-21 06:30:21.000000000 -0500
+++ ca-certificates-java-20121112+nmu1/debian/jks-keystore.hook.in 2012-11-12 18:50:31.000000000 -0600
@@ -25,7 +25,7 @@
}
echo ""
-if [ "$cacerts_updates" != yes ] || [ "$CACERT_UPDATES" = disabled ]; then
+if [ "$cacerts_updates" != yes ] || [ "$CACERT_UPDATES" = disabled ] || [ ! -e $JAR ]; then
echo "updates of cacerts keystore disabled."
exit 0
fi
@@ -53,12 +53,12 @@
fi
if dpkg-query --version >/dev/null; then
- nsspkg=$(dpkg-query -L "$(nsslib_name)" | sed -n 's,\(.*\)/libnss3\.so$,\1,p')
+ nsspkg=$(dpkg-query -L "$(nsslib_name)" | sed -n 's,\(.*\)/libnss3\.so$,\1,p'|head -n 1)
nssjdk=$(sed -n '/nssLibraryDirectory/s/.*= *\(.*\)/\1/p' /etc/${jvm%-$arch}/security/nss.cfg)
if [ -n "$nsspkg" ] && [ -n "$nssjdk" ] && [ "$nsspkg" != "$nssjdk" ]; then
ln -sf $nsspkg/libnss3.so $nssjdk/libnss3.so
fi
- softokn3pkg=$(dpkg-query -L "$(nsslib_name)" | sed -n 's,\(.*\)/libsoftokn3\.so$,\1,p')
+ softokn3pkg=$(dpkg-query -L "$(nsslib_name)" | sed -n 's,\(.*\)/libsoftokn3\.so$,\1,p'|head -n 1)
if [ -n "$softokn3pkg" ] && [ -n "$nssjdk" ] && [ "$softokn3pkg" != "$nssjdk" ]; then
ln -sf $softokn3pkg/libsoftokn3.so $nssjdk/libsoftokn3.so
fi
diff -Nru ca-certificates-java-20120721/debian/postinst.in ca-certificates-java-20121112+nmu1/debian/postinst.in
--- ca-certificates-java-20120721/debian/postinst.in 2012-07-21 06:30:13.000000000 -0500
+++ ca-certificates-java-20121112+nmu1/debian/postinst.in 2012-11-12 18:44:54.000000000 -0600
@@ -38,8 +38,8 @@
first_install()
{
- if which dpkg-query --version >/dev/null; then
- nsspkg=$(dpkg-query -L "$(nsslib_name)" | sed -n 's,\(.*\)/libnss3\.so$,\1,p')
+ if which dpkg-query >/dev/null; then
+ nsspkg=$(dpkg-query -L "$(nsslib_name)" | sed -n 's,\(.*\)/libnss3\.so$,\1,p'|head -n 1)
nssjdk=$(sed -n '/nssLibraryDirectory/s/.*= *\(.*\)/\1/p' /etc/${jvm%-$arch}/security/nss.cfg)
if [ -n "$nsspkg" ] && [ -n "$nssjdk" ] && [ "$nsspkg" != "$nssjdk" ]; then
ln -sf $nsspkg/libnss3.so $nssjdk/libnss3.so
--- End Message ---
--- Begin Message ---
On 2013-01-30 14:08, Andreas Beckmann wrote:
> Followup-For: Bug #698538
> Control: retitle -1 unblock: ca-certificates-java/20121112+nmu2
>
> Hi,
>
> fixed also the problem w.r.t to nss.cfg which only uncovered after the
> first fix.
>
> ca-certificates-java (20121112+nmu2) unstable; urgency=medium
>
> * Non-maintainer upload.
> * postinst, jks-keystore.hook: Do not fail if nss.cfg does not (yet) exist,
> i.e. if openjdk-?-jre-headless is unpacked but not yet configured.
> (Closes: #694888)
> * Set urgency to medium for RC bugfix.
>
> -- Andreas Beckmann <anbe@debian.org> Sun, 27 Jan 2013 14:19:41 +0100
>
> ca-certificates-java (20121112+nmu1) unstable; urgency=low
>
> * Non-maintainer upload
> * Fix test for dpkg-query in postinst; there was an extraneous --version
> here. [Probably don't even need to bother to check for dpkg-query, but
> why not.] (Closes: #690204)
> * Library path for softokn3pkg and nsspkg is potentially wrong if there
> are multiple different paths; fix it.
> * Do not run the hook if ca-certificates-java has been removed but not
> purged.
> * Use the new trigger support provided by ca-certificates (>=20121114).
>
> -- Don Armstrong <don@debian.org> Mon, 12 Nov 2012 15:45:50 -0800
>
>
> Andreas
>
> unblock ca-certificates-java/20121112+nmu2
Unblocked, thanks.
~Niels
--- End Message ---