]>
git.pld-linux.org Git - packages/ca-certificates.git/log
Jan Palus [Fri, 12 Mar 2021 10:29:14 +0000 (11:29 +0100)]
rediff patches; rel 3
Jan Palus [Fri, 12 Mar 2021 08:46:56 +0000 (09:46 +0100)]
- release 2 (by relup.sh)
Jan Palus [Sat, 30 Jan 2021 11:24:52 +0000 (12:24 +0100)]
don't mark ca-certificates.crt as %config(noreplace)
...or it may never get updated after single installation of
ca-certificates-update. Let's assume anyone with custom certificates has
ca-certificates-update which will update ca-certificates.crt after
upgrade
Jan Palus [Sat, 30 Jan 2021 11:18:06 +0000 (12:18 +0100)]
drop expired certificates
class1.pem: Not After : Apr 26 10:32:12 2005 GMT
class2.pem: Not After : Jun 4 09:05:44 2005 GMT
class3.pem: Not After : Jun 4 09:13:06 2005 GMT
class4.pem: Not After : Jun 4 09:19:41 2006 GMT
level1.pem: Not After : Jul 12 16:31:53 2012 GMT
level2.pem: Not After : Jul 12 16:32:03 2012 GMT
level3.pem: Not After : Jul 12 16:32:17 2012 GMT
level4.pem: Not After : Jul 12 16:32:35 2012 GMT
na.pem: Not After : Aug 28 17:16:25 2012 GMT
tsa.pem: Not After : Aug 28 17:05:14 2012 GMT
vs.pem: Not After : Aug 28 17:10:36 2012 GMT
TERENACodeSigningCA.crt: Not After : May 30 10:48:38 2020 GMT
TERENAeScienceSSLCA.crt: Not After : May 30 10:48:38 2020 GMT
TERENASSLCA.crt: Not After : May 30 10:48:38 2020 GMT
ESTEID-SK_2007.PEM.cer: Not After : Aug 26 14:23:01 2016 GMT
ESTEID-SK.PEM.cer: Not After : Jan 13 16:44:50 2012 GMT
JUUR-SK.PEM.cer: Not After : Aug 26 14:23:01 2016 GMT
Jan Palus [Tue, 19 Jan 2021 22:49:14 +0000 (23:49 +0100)]
Jan Palus [Thu, 22 Oct 2020 12:54:42 +0000 (14:54 +0200)]
remove dead links in /etc/openssl/certs when uninstalling update
Jan Palus [Thu, 16 Jul 2020 16:38:47 +0000 (18:38 +0200)]
up to
20200601
- use more specific cert begin/end pattern (END occurs in b64 content
now)
Jan Palus [Wed, 20 Feb 2019 00:01:18 +0000 (01:01 +0100)]
Jacek Konieczny [Sun, 13 Jan 2019 12:32:34 +0000 (13:32 +0100)]
symlink just /etc/ssl/certs/ca-certificates.crt
Restrictive permissions to PLD /etc/certs break gajim when symlinked to
/etc/ssl/certs:
> 2019-01-13 13:27:08 (E) nbxmpp.tls_nb PlugIn: while trying _startSSL():
> Traceback (most recent call last):
> File "/usr/share/python3.7/site-packages/nbxmpp/tls_nb.py", line 288, in plugin
> res = self._startSSL()
> File "/usr/share/python3.7/site-packages/nbxmpp/tls_nb.py", line 327, in _startSSL
> result = self._startSSL_pyOpenSSL()
> File "/usr/share/python3.7/site-packages/nbxmpp/tls_nb.py", line 451, in _startSSL_pyOpenSSL
> for f in os.listdir('/etc/ssl/certs'):
> PermissionError: [Errno 13] Permission denied: '/etc/ssl/certs'
Release: 4
Jacek Konieczny [Sat, 12 Jan 2019 12:08:48 +0000 (13:08 +0100)]
Include Debian-compatible /etc/ssl/certs symlink
That is required for proper operation of the Steam client
Release: 3
Jan Rękorajski [Fri, 13 Apr 2018 20:31:58 +0000 (22:31 +0200)]
- openssl rehash command does not exist as of openssl 1.0.2o, use c_rehash.sh script
- rel 2
Arkadiusz Miśkiewicz [Thu, 12 Apr 2018 12:06:21 +0000 (14:06 +0200)]
Jacek Konieczny [Mon, 19 Mar 2018 07:56:59 +0000 (08:56 +0100)]
remove _outdated_ _intermediate_ Let's Encrypt certs
These are already outdated (see https://letsencrypt.org/certificates/)
and should never be here anyway, as they are intermediates not roots.
Arkadiusz Miśkiewicz [Tue, 27 Feb 2018 08:43:07 +0000 (09:43 +0100)]
Jan Rękorajski [Mon, 17 Jul 2017 11:43:14 +0000 (20:43 +0900)]
- release 2 (by relup.sh)
Jakub Bogusz [Thu, 6 Jul 2017 19:22:36 +0000 (21:22 +0200)]
- one letsencrypt certificate (#
1204656 from bugzilla.mozilla.org) has been merged; cleanup
Elan Ruusamäe [Thu, 6 Jul 2017 13:11:47 +0000 (16:11 +0300)]
Arkadiusz Miśkiewicz [Tue, 27 Sep 2016 10:42:14 +0000 (12:42 +0200)]
- rel 4; drop thawte zip and use mozilla bundle (which is more current)
Elan Ruusamäe [Tue, 16 Aug 2016 06:59:46 +0000 (09:59 +0300)]
Arkadiusz Miśkiewicz [Sun, 14 Aug 2016 11:19:14 +0000 (13:19 +0200)]
- rel 3; add letsencrypt certificates (approved by mozilla)
Elan Ruusamäe [Thu, 28 Apr 2016 14:05:14 +0000 (17:05 +0300)]
change group from libraries to base
Elan Ruusamäe [Sun, 24 Apr 2016 10:20:36 +0000 (13:20 +0300)]
python3 changes in mozilla/certdata2pem.py require py2.6
Jakub Bogusz [Mon, 8 Feb 2016 18:19:03 +0000 (19:19 +0100)]
- bcond description
Arkadiusz Miśkiewicz [Mon, 8 Feb 2016 17:23:25 +0000 (18:23 +0100)]
- rel 2; rm duplicate cert and fail if we produce duplicates in our bundle
Elan Ruusamäe [Mon, 18 Jan 2016 12:59:01 +0000 (14:59 +0200)]
Jacek Konieczny [Tue, 8 Dec 2015 13:57:03 +0000 (14:57 +0100)]
replace the nonsense cacert.org URL with actual source
Adam Osuchowski [Fri, 24 Jul 2015 20:59:04 +0000 (22:59 +0200)]
- added new TERENA TCS 2 certificates (Comodo SHA256)
- added new TERENA TCS 3 certificates (DigiCert)
Arkadiusz Miśkiewicz [Mon, 29 Jun 2015 12:14:55 +0000 (14:14 +0200)]
Elan Ruusamäe [Mon, 25 May 2015 11:00:30 +0000 (14:00 +0300)]
move todo from separate file to .spec
Elan Ruusamäe [Wed, 11 Feb 2015 11:22:02 +0000 (13:22 +0200)]
.
add /etc/pki/tls/certs/ca-bundle.crt symlink to %{certsdir}/ca-certificates.crt
this lessens need to patch software locations to ca-bundle.crt, as
really, only pld uses the path we use.
maybe this should be opposite way file vs symlink?
Andrzej Zawadzki [Tue, 6 Jan 2015 22:23:21 +0000 (23:23 +0100)]
- add new Certum SHA2 certificates
- I've one signed with this cert... wrrrr ;-)
Arkadiusz Miśkiewicz [Mon, 10 Nov 2014 15:20:37 +0000 (16:20 +0100)]
Jakub Bogusz [Sat, 11 Oct 2014 21:27:38 +0000 (23:27 +0200)]
Jakub Bogusz [Sun, 30 Mar 2014 14:33:48 +0000 (16:33 +0200)]
Elan Ruusamäe [Fri, 14 Mar 2014 12:49:01 +0000 (14:49 +0200)]
up to
20140223 ; cacert.org dropped
- Debian will no longer ship cacert.org certificates.
- Update mozilla/certdata.txt to version 1.97.
- Dropped endline.patch, fix is upstream
Elan Ruusamäe [Wed, 25 Sep 2013 10:04:18 +0000 (13:04 +0300)]
package /etc/pki/tls dir
Elan Ruusamäe [Fri, 13 Sep 2013 13:16:59 +0000 (16:16 +0300)]
up to
20130906 : Update mozilla/certdata.txt to version 1.94
Certificates added (+) and removed (-):
+ "CA Disig Root R1"
+ "CA Disig Root R2"
+ "China Internet Network Information Center EV Certificates Root"
+ "D-TRUST Root Class 3 CA 2 2009"
+ "D-TRUST Root Class 3 CA 2 EV 2009"
+ "PSCProcert"
+ "Swisscom Root CA 2"
+ "Swisscom Root EV CA 2"
+ "TURKTRUST Certificate Services Provider Root 2007"
- "Equifax Secure eBusiness CA 2"
- "TC TrustCenter Universal CA III"
Elan Ruusamäe [Tue, 11 Jun 2013 09:01:01 +0000 (12:01 +0300)]
ca-certificates (
20130610 ) unstable; urgency=low
CAcert root and class3 certificates are now installed as individual
files, no longer as the concatenation of the two. The certificates
are installed as cacert.org_root.crt and cacert.org_class3.crt for
ease of identification.
Remove obsolete debconf.org CA.
Remove obsolete SPI CA certificate expired in 2007.
Arkadiusz Miśkiewicz [Tue, 30 Apr 2013 09:58:50 +0000 (11:58 +0200)]
- rel 2; regenerate
Jakub Bogusz [Thu, 24 Jan 2013 14:41:23 +0000 (15:41 +0100)]
Elan Ruusamäe [Sun, 2 Dec 2012 12:53:34 +0000 (14:53 +0200)]
- up to
20121114 , no changes to certs
Elan Ruusamäe [Sat, 10 Nov 2012 17:51:00 +0000 (17:51 +0000)]
- rpm5 treats # as comment, so it won't work in urls
Elan Ruusamäe [Thu, 8 Nov 2012 13:12:17 +0000 (13:12 +0000)]
- up to
20121105
Update mozilla/certdata.txt to version 1.86
Certificates added (+) (none removed):
+ "Actalis Authentication Root CA"
+ "Trustis FPS Root CA"
+ "StartCom Certification Authority" (renewal/rehash)
+ "StartCom Certification Authority G2"
+ "Buypass Class 2 Root CA"
+ "Buypass Class 3 Root CA"
+ "TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı"
+ "T-TeleSec GlobalRoot Class 3"
+ "EE Certification Centre Root CA"
-- Michael Shuler <michael@pbandjelly.org> Mon, 05 Nov 2012 10:56:28
Elan Ruusamäe [Thu, 8 Nov 2012 13:08:40 +0000 (13:08 +0000)]
- %prep that depends BR moved to build
Elan Ruusamäe [Sun, 2 Sep 2012 10:15:34 +0000 (13:15 +0300)]
- release 4 (by relup.sh)
Elan Ruusamäe [Sun, 2 Sep 2012 10:03:38 +0000 (13:03 +0300)]
use same paths on AC as on HEAD
Elan Ruusamäe [Wed, 27 Jun 2012 08:50:42 +0000 (08:50 +0000)]
- update to
20120623
- mozilla certs changed license to MPL-2.0
- mozilla/certdata.txt updated to version 1.81:
Certificates added (+) and removed (-):
+ "Security Communication RootCA2"
+ "EC-ACC"
+ "Hellenic Academic and Research Institutions RootCA 2011"
- "Verisign Class 2 Public Primary Certification Authority"
- "Verisign Class 4 Public Primary Certification Authority - G2"
- "TC TrustCenter, Germany, Class 2 CA"
- "TC TrustCenter, Germany, Class 3 CA"
Changed files:
ca-certificates.spec -> 1.52
Jan Rękorajski [Sat, 12 May 2012 13:35:36 +0000 (13:35 +0000)]
- rel 2
- current version already contains all certs from mozilla
Changed files:
ca-certificates-mozilla.patch -> 1.4
ca-certificates.spec -> 1.51
Elan Ruusamäe [Sat, 12 May 2012 13:15:57 +0000 (13:15 +0000)]
- add /etc/ca-certificates.d to support local certs, so there won't be need to edit package version of /etc/ca-certificates.conf, and thus no .rpmnew merge need
Changed files:
ca-certificates.d.patch -> 1.1
ca-certificates.spec -> 1.50
Elan Ruusamäe [Sat, 12 May 2012 12:59:54 +0000 (12:59 +0000)]
- up to
20120212 , see changelog for added/removed ca-s
Changed files:
TODO -> 1.6
ca-certificates-etc-certs.patch -> 1.11
ca-certificates-more-certs.patch -> 1.7
ca-certificates-mozilla.patch -> 1.3
ca-certificates.spec -> 1.49
Jacek Konieczny [Mon, 5 Sep 2011 13:25:17 +0000 (13:25 +0000)]
- Version:
20110502 +nmu1 - blacklisted a compromised "DigiNotar Root CA" certificate
Changed files:
ca-certificates.spec -> 1.48
Elan Ruusamäe [Thu, 1 Sep 2011 10:04:43 +0000 (10:04 +0000)]
- svn link for amsn
Changed files:
TODO -> 1.5
Elan Ruusamäe [Thu, 1 Sep 2011 10:02:15 +0000 (10:02 +0000)]
- vcs link for amsn
Changed files:
TODO -> 1.4
Elan Ruusamäe [Thu, 1 Sep 2011 10:01:23 +0000 (10:01 +0000)]
- vcs link for pidgin
Changed files:
TODO -> 1.3
Elan Ruusamäe [Tue, 30 Aug 2011 12:08:20 +0000 (12:08 +0000)]
- up to
20110502 (no changes to certs)
Changed files:
ca-certificates.spec -> 1.47
Elan Ruusamäe [Tue, 30 Aug 2011 12:06:27 +0000 (12:06 +0000)]
- pidgin todo
Changed files:
TODO -> 1.2
Elan Ruusamäe [Sat, 27 Aug 2011 12:26:54 +0000 (12:26 +0000)]
- add amsn bundled certs todo
Changed files:
TODO -> 1.1
ca-certificates.spec -> 1.46
Elan Ruusamäe [Thu, 7 Jul 2011 09:32:59 +0000 (09:32 +0000)]
- some merge tool needed for /etc/ca-certificates.conf
Changed files:
ca-certificates.spec -> 1.45
Elan Ruusamäe [Sat, 11 Jun 2011 09:06:58 +0000 (09:06 +0000)]
- Juur-SK included by mozilla as well
Changed files:
ca-certificates.spec -> 1.44
Elan Ruusamäe [Sat, 11 Jun 2011 08:58:13 +0000 (08:58 +0000)]
- preserve timestamps
Changed files:
ca-certificates-more-certs.patch -> 1.6
ca-certificates.spec -> 1.43
Arkadiusz Miśkiewicz [Mon, 23 May 2011 07:26:35 +0000 (07:26 +0000)]
- up to
20110421
Changed files:
ca-certificates-more-certs.patch -> 1.5
ca-certificates-mozilla.patch -> 1.2
ca-certificates.spec -> 1.42
Arkadiusz Miśkiewicz [Wed, 30 Mar 2011 17:58:35 +0000 (17:58 +0000)]
- 14; use files without spaces for distfiles
Changed files:
ca-certificates.spec -> 1.41
Arkadiusz Miśkiewicz [Wed, 30 Mar 2011 15:39:57 +0000 (15:39 +0000)]
- rel 13; fix thawte certs; force interactive mode for cp/mv (so we know if overwrittes happen)
Changed files:
ca-certificates.spec -> 1.40
Arkadiusz Miśkiewicz [Sun, 27 Mar 2011 09:44:32 +0000 (09:44 +0000)]
- rel 12; fix sk.ee certs; add sk.ee ESTEID 2011
Changed files:
ca-certificates.spec -> 1.39
Arkadiusz Miśkiewicz [Sun, 27 Mar 2011 09:32:22 +0000 (09:32 +0000)]
- rel 11; update to nmu3 tarball; update external certs
Changed files:
ca-certificates.spec -> 1.38
Elan Ruusamäe [Tue, 18 May 2010 10:26:06 +0000 (10:26 +0000)]
- df space problem hack
Changed files:
ca-certificates.spec -> 1.37
Elan Ruusamäe [Tue, 18 May 2010 10:11:14 +0000 (10:11 +0000)]
- cross distro compat (ac and likely ti as well); rel 10
Changed files:
ca-certificates-DESTDIR.patch -> 1.2
ca-certificates-etc-certs.patch -> 1.10
ca-certificates-undebianize.patch -> 1.7
ca-certificates.spec -> 1.36
Arkadiusz Miśkiewicz [Thu, 6 May 2010 06:43:28 +0000 (06:43 +0000)]
- rel 9; revert; no hashes in main pkg
Changed files:
ca-certificates.spec -> 1.35
Arkadiusz Miśkiewicz [Thu, 6 May 2010 06:40:38 +0000 (06:40 +0000)]
- rel 8; force new openssl since mixing ca-certificates with hashes from old openssl with new openssl library (and vice versa) is asking for trouble
Changed files:
ca-certificates.spec -> 1.34
Arkadiusz Miśkiewicz [Thu, 6 May 2010 06:37:27 +0000 (06:37 +0000)]
- rel 7
Changed files:
ca-certificates.spec -> 1.33
Elan Ruusamäe [Wed, 5 May 2010 11:36:37 +0000 (11:36 +0000)]
- no nazi certs here ;)
Changed files:
ca-certificates-undebianize.patch -> 1.6
Elan Ruusamäe [Wed, 5 May 2010 11:18:58 +0000 (11:18 +0000)]
- use same method for generating /etc/certs/ca-certificates.crt at package build time
- %20 vs space fix workaround
Changed files:
ca-certificates-DESTDIR.patch -> 1.1
ca-certificates.spec -> 1.32
Elan Ruusamäe [Wed, 5 May 2010 11:04:24 +0000 (11:04 +0000)]
- one more path to undebianize
Changed files:
ca-certificates-undebianize.patch -> 1.5
Elan Ruusamäe [Wed, 5 May 2010 10:40:03 +0000 (10:40 +0000)]
- add esteid certs, www.sk.ee
Changed files:
ca-certificates-more-certs.patch -> 1.4
ca-certificates.spec -> 1.31
Jan Rękorajski [Tue, 6 Apr 2010 15:17:33 +0000 (15:17 +0000)]
- added TODO about RSA Security 1024 V3 root CA
Changed files:
ca-certificates.spec -> 1.30
Jan Rękorajski [Tue, 23 Mar 2010 12:16:53 +0000 (12:16 +0000)]
- rel 6
- added TERENA CA, https://www.terena.org/
- updated mozilla bundle from nss-3.12.5
- avoid making duplicate .pem ext in update-ca-certificates script
Changed files:
ca-certificates.spec -> 1.29
Jan Rękorajski [Tue, 23 Mar 2010 12:15:35 +0000 (12:15 +0000)]
- updated mozilla bundle from nss-3.12.5
Changed files:
ca-certificates-mozilla.patch -> 1.1
Jan Rękorajski [Tue, 23 Mar 2010 12:14:49 +0000 (12:14 +0000)]
- added TERENA certs, https://www.terena.org/
Changed files:
ca-certificates-more-certs.patch -> 1.3
Jan Rękorajski [Tue, 23 Mar 2010 11:54:02 +0000 (11:54 +0000)]
- use the one provided on terena web page
Changed files:
terena.pem -> 1.2
Jan Rękorajski [Tue, 23 Mar 2010 11:38:23 +0000 (11:38 +0000)]
- TERENA SSL CA, http://www.terena.org/
Changed files:
terena.pem -> 1.1
Jan Rękorajski [Tue, 23 Mar 2010 10:38:45 +0000 (10:38 +0000)]
- really avoid duplicate ext
Changed files:
ca-certificates-etc-certs.patch -> 1.9
Jan Rękorajski [Tue, 23 Mar 2010 10:32:14 +0000 (10:32 +0000)]
- avoid missing or duplicate .pem extension
Changed files:
ca-certificates-etc-certs.patch -> 1.8
Jan Rękorajski [Wed, 24 Feb 2010 11:53:30 +0000 (11:53 +0000)]
- rel 5
- certificate file may not end with newline, take that into account when
generating ca-certificates.crt in install
Changed files:
ca-certificates.spec -> 1.28
Jan Rękorajski [Tue, 9 Feb 2010 14:39:43 +0000 (14:39 +0000)]
- fix dir
Changed files:
ca-certificates-endline.patch -> 1.2
Jan Rękorajski [Tue, 9 Feb 2010 14:38:48 +0000 (14:38 +0000)]
- rel 4
- convert newlines of all files from DOS to UNIX in install
- fix for missing newline at end of file
Changed files:
ca-certificates.spec -> 1.27
Jan Rękorajski [Tue, 9 Feb 2010 14:37:21 +0000 (14:37 +0000)]
- some pem files does not end with new line, so make sure they do
Changed files:
ca-certificates-endline.patch -> 1.1
Jan Rękorajski [Tue, 9 Feb 2010 14:16:16 +0000 (14:16 +0000)]
- rel 3
- make update-ca-certificates create bundle in proper place
Changed files:
ca-certificates-etc-certs.patch -> 1.7
ca-certificates.spec -> 1.26
Arkadiusz Miśkiewicz [Thu, 4 Feb 2010 14:27:03 +0000 (14:27 +0000)]
- release 2
Changed files:
ca-certificates.spec -> 1.25
sparky [Mon, 1 Feb 2010 22:29:46 +0000 (22:29 +0000)]
- BR: python-modules
Changed files:
ca-certificates.spec -> 1.24
Jan Rękorajski [Mon, 1 Feb 2010 14:34:10 +0000 (14:34 +0000)]
- TODO is still valid, I should read more slowly and carefully
Changed files:
ca-certificates.spec -> 1.23
Jan Rękorajski [Mon, 1 Feb 2010 13:51:30 +0000 (13:51 +0000)]
- TODO done
Changed files:
ca-certificates.spec -> 1.22
Jan Rękorajski [Mon, 1 Feb 2010 13:42:37 +0000 (13:42 +0000)]
- proper patch location
Changed files:
ca-certificates-etc-certs.patch -> 1.6
Jan Rękorajski [Mon, 1 Feb 2010 13:42:04 +0000 (13:42 +0000)]
- missing hunk
Changed files:
ca-certificates-etc-certs.patch -> 1.5
Jan Rękorajski [Mon, 1 Feb 2010 13:32:43 +0000 (13:32 +0000)]
- syntax error :/
Changed files:
ca-certificates-etc-certs.patch -> 1.4
Jan Rękorajski [Mon, 1 Feb 2010 13:31:53 +0000 (13:31 +0000)]
- fixed bundle location
Changed files:
ca-certificates-etc-certs.patch -> 1.3
ca-certificates-undebianize.patch -> 1.4
Jan Rękorajski [Mon, 1 Feb 2010 13:24:59 +0000 (13:24 +0000)]
- updated to
20090814
Changed files:
ca-certificates-c_rehash.sh.patch -> 1.2
ca-certificates-etc-certs.patch -> 1.2
ca-certificates-more-certs.patch -> 1.2
ca-certificates-undebianize.patch -> 1.3
ca-certificates.spec -> 1.21
Arkadiusz Miśkiewicz [Sat, 28 Mar 2009 12:07:58 +0000 (12:07 +0000)]
- up to
20081127
Changed files:
ca-certificates.spec -> 1.20
Elan Ruusamäe [Mon, 17 Nov 2008 20:55:21 +0000 (20:55 +0000)]
- mktemp is -update pkg dep, base pkg is still a plain single file; rel 5
Changed files:
ca-certificates.spec -> 1.19
Elan Ruusamäe [Tue, 11 Nov 2008 18:40:56 +0000 (18:40 +0000)]
- ca-certificates doesn't require openssl (anymore)
Changed files:
ca-certificates.spec -> 1.18
Elan Ruusamäe [Sun, 9 Nov 2008 18:26:09 +0000 (18:26 +0000)]
- todo about trash in /etc/openssl/certs
Changed files:
ca-certificates.spec -> 1.17
This page took 0.117178 seconds and 4 git commands to generate.