blacklist expired cert; rel 2

diff --git a/blacklist.patch b/blacklist.patch
new file mode 100644 (file)
index 0000000..94792ae
--- /dev/null
+++ b/blacklist.patch
@@ -0,0 +1,7 @@
+--- ca-certificates/mozilla/blacklist.txt.orig 2023-03-11 09:37:33.000000000 +0100
++++ ca-certificates/mozilla/blacklist.txt      2023-03-12 18:49:47.285310067 +0100
+@@ -4,3 +4,4 @@
+ "Explicitly Distrust DigiNotar Root CA"
+ 
+ # Expired CAs
++"E-Tugra Certification Authority"

diff --git a/ca-certificates.spec b/ca-certificates.spec
index 3808a14c3979a36c2c91b420201574ee63063214..1a8c0490a8b97a7a2927b0bf8db3552f9f7d0404 100644 (file)
--- a/ca-certificates.spec
+++ b/ca-certificates.spec
@@ -13,7 +13,7 @@ Summary(pl.UTF-8):    Pliki PEM popularnych certyfikatów CA
 Name:          ca-certificates
 %define        ver_date        20230311
 Version:       %{ver_date}
-Release:       1
+Release:       2
 License:       GPL v2 (scripts), MPL v2 (mozilla certs), distributable (other certs)
 Group:         Base
 Source0:       http://ftp.debian.org/debian/pool/main/c/ca-certificates/%{name}_%{version}.tar.xz
@@ -60,6 +60,7 @@ Patch2:               %{name}-etc-certs.patch
 Patch3:                %{name}-DESTDIR.patch
 Patch4:                %{name}.d.patch
 Patch5:                no-openssl-rehash.patch
+Patch6:                blacklist.patch
 URL:           https://packages.debian.org/sid/ca-certificates
 BuildRequires: openssl-tools
 BuildRequires: python3
@@ -111,6 +112,7 @@ cd ca-certificates
 %patch3 -p1
 %patch4 -p1
 %patch5 -p1
+%patch6 -p1
 
 %{__sed} -i -e 's,@openssldir@,%{openssldir},' sbin/update-ca-certificates*