From f6a73a2217cee4649dd8eab241f96e66a6f3b064 Mon Sep 17 00:00:00 2001 From: Jan Palus Date: Sun, 12 Mar 2023 19:00:12 +0100 Subject: [PATCH] blacklist expired cert; rel 2 --- blacklist.patch | 7 +++++++ ca-certificates.spec | 4 +++- 2 files changed, 10 insertions(+), 1 deletion(-) create mode 100644 blacklist.patch diff --git a/blacklist.patch b/blacklist.patch new file mode 100644 index 0000000..94792ae --- /dev/null +++ b/blacklist.patch @@ -0,0 +1,7 @@ +--- ca-certificates/mozilla/blacklist.txt.orig 2023-03-11 09:37:33.000000000 +0100 ++++ ca-certificates/mozilla/blacklist.txt 2023-03-12 18:49:47.285310067 +0100 +@@ -4,3 +4,4 @@ + "Explicitly Distrust DigiNotar Root CA" + + # Expired CAs ++"E-Tugra Certification Authority" diff --git a/ca-certificates.spec b/ca-certificates.spec index 3808a14..1a8c049 100644 --- a/ca-certificates.spec +++ b/ca-certificates.spec @@ -13,7 +13,7 @@ Summary(pl.UTF-8): Pliki PEM popularnych certyfikatów CA Name: ca-certificates %define ver_date 20230311 Version: %{ver_date} -Release: 1 +Release: 2 License: GPL v2 (scripts), MPL v2 (mozilla certs), distributable (other certs) Group: Base Source0: http://ftp.debian.org/debian/pool/main/c/ca-certificates/%{name}_%{version}.tar.xz @@ -60,6 +60,7 @@ Patch2: %{name}-etc-certs.patch Patch3: %{name}-DESTDIR.patch Patch4: %{name}.d.patch Patch5: no-openssl-rehash.patch +Patch6: blacklist.patch URL: https://packages.debian.org/sid/ca-certificates BuildRequires: openssl-tools BuildRequires: python3 @@ -111,6 +112,7 @@ cd ca-certificates %patch3 -p1 %patch4 -p1 %patch5 -p1 +%patch6 -p1 %{__sed} -i -e 's,@openssldir@,%{openssldir},' sbin/update-ca-certificates* -- 2.44.0