Bug#594383: marked as done (ca-certificates: README.Debian implies that none of the CAs have been audited)

[Debian Bug Tracking System]

Your message dated Wed, 14 Dec 2011 19:47:22 +0000
with message-id <e1rauns-00016e...@franck.debian.org>
and subject line Bug#594383: fixed in ca-certificates 20111211
has caused the Debian Bug report #594383,
regarding ca-certificates: README.Debian implies that none of the CAs have been 
audited
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
594383: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=594383
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

--- Begin Message ---

Package: ca-certificates
Version: 20090814
Severity: normal


--- ca-certificates-20090814+nmu2/debian/README.Debian                          
       2009-06-24 08:10:47.000000000 -0700
+++ ca-certificates-20090814+nmu2+cjac/debian/README.Debian                     
       2010-08-25 10:54:04.000000000 -0700
@@ -4,10 +4,11 @@
 This package includes PEM files of CA certificates to allow SSL-based
 applications to check for the authenticity of SSL connections.
 
-Please note that certificate authorities whose certificates are included
-in this package are not in any way audited for trustworthiness and RFC
-3647 compliance, and that full responsibility to assess them belongs to
-the local system administrator.
+Please note that we can neither confirm nor deny whether the certificate
+authorities whose certificates are included in this package have in
+any way been audited for trustworthiness or RFC 3647 compliance.  Full
+responsibility to assess them belongs to the local system
+administrator.
 
 The CA certificates contained in this package are installed into
 “/usr/share/ca-certificates”.



-- System Information:
Debian Release: squeeze/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.32-5-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL 
set to en_US.UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages ca-certificates depends on:
ii  debconf [debconf-2.0]         1.5.33     Debian configuration management sy
ii  openssl                       0.9.8o-1   Secure Socket Layer (SSL) binary a

ca-certificates recommends no packages.

ca-certificates suggests no packages.

-- debconf information:
  ca-certificates/enable_crts: brasil.gov.br/brasil.gov.br.crt, 
cacert.org/cacert.org.crt, debconf.org/ca.crt, gouv.fr/cert_igca_dsa.crt, 
gouv.fr/cert_igca_rsa.crt, 
mozilla/ABAecom_=sub.__Am._Bankers_Assn.=_Root_CA.crt, 
mozilla/AddTrust_External_Root.crt, 
mozilla/AddTrust_Low-Value_Services_Root.crt, 
mozilla/AddTrust_Public_Services_Root.crt, 
mozilla/AddTrust_Qualified_Certificates_Root.crt, 
mozilla/America_Online_Root_Certification_Authority_1.crt, 
mozilla/America_Online_Root_Certification_Authority_2.crt, 
mozilla/AOL_Time_Warner_Root_Certification_Authority_1.crt, 
mozilla/AOL_Time_Warner_Root_Certification_Authority_2.crt, 
mozilla/Baltimore_CyberTrust_Root.crt, 
mozilla/beTRUSTed_Root_CA-Baltimore_Implementation.crt, 
mozilla/beTRUSTed_Root_CA.crt, 
mozilla/beTRUSTed_Root_CA_-_Entrust_Implementation.crt, 
mozilla/beTRUSTed_Root_CA_-_RSA_Implementation.crt, 
mozilla/Camerfirma_Chambers_of_Commerce_Root.crt, 
mozilla/Camerfirma_Global_Chambersign_Root.crt, mozilla/Certplus_Class_2_
 Primary_CA.crt, mozilla/Certum_Root_CA.crt, 
mozilla/Comodo_AAA_Services_root.crt, 
mozilla/COMODO_Certification_Authority.crt, 
mozilla/COMODO_ECC_Certification_Authority.crt, 
mozilla/Comodo_Secure_Services_root.crt, 
mozilla/Comodo_Trusted_Services_root.crt, 
mozilla/DigiCert_Assured_ID_Root_CA.crt, mozilla/DigiCert_Global_Root_CA.crt, 
mozilla/DigiCert_High_Assurance_EV_Root_CA.crt, mozilla/DigiNotar_Root_CA.crt, 
mozilla/Digital_Signature_Trust_Co._Global_CA_1.crt, 
mozilla/Digital_Signature_Trust_Co._Global_CA_2.crt, 
mozilla/Digital_Signature_Trust_Co._Global_CA_3.crt, 
mozilla/Digital_Signature_Trust_Co._Global_CA_4.crt, 
mozilla/DST_ACES_CA_X6.crt, mozilla/DST_Root_CA_X3.crt, 
mozilla/Entrust.net_Global_Secure_Personal_CA.crt, 
mozilla/Entrust.net_Global_Secure_Server_CA.crt, 
mozilla/Entrust.net_Premium_2048_Secure_Server_CA.crt, 
mozilla/Entrust.net_Secure_Personal_CA.crt, 
mozilla/Entrust.net_Secure_Server_CA.crt, 
mozilla/Entrust_Root_Certification_Authority.crt, mozilla/Equifax_
 Secure_CA.crt, mozilla/Equifax_Secure_eBusiness_CA_1.crt, 
mozilla/Equifax_Secure_eBusiness_CA_2.crt, 
mozilla/Equifax_Secure_Global_eBusiness_CA.crt, 
mozilla/Firmaprofesional_Root_CA.crt, mozilla/GeoTrust_Global_CA_2.crt, 
mozilla/GeoTrust_Global_CA.crt, 
mozilla/GeoTrust_Primary_Certification_Authority.crt, 
mozilla/GeoTrust_Universal_CA_2.crt, mozilla/GeoTrust_Universal_CA.crt, 
mozilla/GlobalSign_Root_CA.crt, mozilla/GlobalSign_Root_CA_-_R2.crt, 
mozilla/Go_Daddy_Class_2_CA.crt, mozilla/GTE_CyberTrust_Global_Root.crt, 
mozilla/GTE_CyberTrust_Root_CA.crt, mozilla/IPS_Chained_CAs_root.crt, 
mozilla/IPS_CLASE1_root.crt, mozilla/IPS_CLASE3_root.crt, 
mozilla/IPS_CLASEA1_root.crt, mozilla/IPS_CLASEA3_root.crt, 
mozilla/IPS_Servidores_root.crt, mozilla/IPS_Timestamping_root.crt, 
mozilla/NetLock_Business_=Class_B=_Root.crt, 
mozilla/NetLock_Express_=Class_C=_Root.crt, 
mozilla/NetLock_Notary_=Class_A=_Root.crt, 
mozilla/NetLock_Qualified_=Class_QA=_Root.crt, mozilla/Network_Solutions_Certifi
 cate_Authority.crt, mozilla/QuoVadis_Root_CA_2.crt, 
mozilla/QuoVadis_Root_CA_3.crt, mozilla/QuoVadis_Root_CA.crt, 
mozilla/RSA_Root_Certificate_1.crt, mozilla/RSA_Security_1024_v3.crt, 
mozilla/RSA_Security_2048_v3.crt, mozilla/Secure_Global_CA.crt, 
mozilla/SecureTrust_CA.crt, mozilla/Security_Communication_Root_CA.crt, 
mozilla/Sonera_Class_1_Root_CA.crt, mozilla/Sonera_Class_2_Root_CA.crt, 
mozilla/Staat_der_Nederlanden_Root_CA.crt, mozilla/Starfield_Class_2_CA.crt, 
mozilla/StartCom_Certification_Authority.crt, mozilla/StartCom_Ltd..crt, 
mozilla/Swisscom_Root_CA_1.crt, mozilla/SwissSign_Gold_CA_-_G2.crt, 
mozilla/SwissSign_Platinum_CA_-_G2.crt, mozilla/SwissSign_Silver_CA_-_G2.crt, 
mozilla/Taiwan_GRCA.crt, mozilla/TC_TrustCenter__Germany__Class_2_CA.crt, 
mozilla/TC_TrustCenter__Germany__Class_3_CA.crt, 
mozilla/TDC_Internet_Root_CA.crt, mozilla/TDC_OCES_Root_CA.crt, 
mozilla/Thawte_Personal_Basic_CA.crt, mozilla/Thawte_Personal_Freemail_CA.crt, 
mozilla/Thawte_Personal_Premium_CA.
 crt, mozilla/Thawte_Premium_Server_CA.crt, mozilla/thawte_Primary_Root_CA.crt, 
mozilla/Thawte_Server_CA.crt, mozilla/Thawte_Time_Stamping_CA.crt, 
mozilla/TURKTRUST_Certificate_Services_Provider_Root_1.crt, 
mozilla/TURKTRUST_Certificate_Services_Provider_Root_2.crt, 
mozilla/UTN_DATACorp_SGC_Root_CA.crt, mozilla/UTN_USERFirst_Email_Root_CA.crt, 
mozilla/UTN_USERFirst_Hardware_Root_CA.crt, 
mozilla/UTN-USER_First-Network_Applications.crt, 
mozilla/ValiCert_Class_1_VA.crt, mozilla/ValiCert_Class_2_VA.crt, 
mozilla/Verisign_Class_1_Public_Primary_Certification_Authority.crt, 
mozilla/Verisign_Class_1_Public_Primary_Certification_Authority_-_G2.crt, 
mozilla/Verisign_Class_1_Public_Primary_Certification_Authority_-_G3.crt, 
mozilla/Verisign_Class_2_Public_Primary_Certification_Authority.crt, 
mozilla/Verisign_Class_2_Public_Primary_Certification_Authority_-_G2.crt, 
mozilla/Verisign_Class_2_Public_Primary_Certification_Authority_-_G3.crt, 
mozilla/Verisign_Class_3_Public_Primary_Certificati
 on_Authority.crt, 
mozilla/Verisign_Class_3_Public_Primary_Certification_Authority_-_G2.crt, 
mozilla/Verisign_Class_3_Public_Primary_Certification_Authority_-_G3.crt, 
mozilla/VeriSign_Class_3_Public_Primary_Certification_Authority_-_G5.crt, 
mozilla/Verisign_Class_4_Public_Primary_Certification_Authority_-_G2.crt, 
mozilla/Verisign_Class_4_Public_Primary_Certification_Authority_-_G3.crt, 
mozilla/Verisign_RSA_Secure_Server_CA.crt, 
mozilla/Verisign_Time_Stamping_Authority_CA.crt, 
mozilla/Visa_eCommerce_Root.crt, mozilla/Visa_International_Global_Root_2.crt, 
mozilla/Wells_Fargo_Root_CA.crt, 
mozilla/WellsSecure_Public_Root_Certificate_Authority.crt, 
mozilla/XRamp_Global_CA_Root.crt, signet.pl/signet_ca1_pem.crt, 
signet.pl/signet_ca2_pem.crt, signet.pl/signet_ca3_pem.crt, 
signet.pl/signet_ocspklasa2_pem.crt, signet.pl/signet_ocspklasa3_pem.crt, 
signet.pl/signet_pca2_pem.crt, signet.pl/signet_pca3_pem.crt, 
signet.pl/signet_rootca_pem.crt, signet.pl/signet_tsa1_pem.crt, spi-inc.org/sp
 i-ca-2003.crt, spi-inc.org/spi-cacert-2008.crt, 
telesec.de/deutsche-telekom-root-ca-2.crt
  ca-certificates/new_crts:
  ca-certificates/trust_new_crts: yes

--- End Message ---

--- Begin Message ---

Source: ca-certificates
Source-Version: 20111211

We believe that the bug you reported is fixed in the latest version of
ca-certificates, which is due to be installed in the Debian FTP archive:

ca-certificates_20111211.dsc
  to main/c/ca-certificates/ca-certificates_20111211.dsc
ca-certificates_20111211.tar.gz
  to main/c/ca-certificates/ca-certificates_20111211.tar.gz
ca-certificates_20111211_all.deb
  to main/c/ca-certificates/ca-certificates_20111211_all.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 594...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Michael Shuler <mich...@pbandjelly.org> (supplier of updated ca-certificates 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Sun, 11 Dec 2011 19:05:32 -0600
Source: ca-certificates
Binary: ca-certificates
Architecture: source all
Version: 20111211
Distribution: unstable
Urgency: low
Maintainer: Michael Shuler <mich...@pbandjelly.org>
Changed-By: Michael Shuler <mich...@pbandjelly.org>
Description: 
 ca-certificates - Common CA certificates
Closes: 594383 646767 647849
Changes: 
 ca-certificates (20111211) unstable; urgency=low
 .
   * Clarify CA audit note in package description and README.debian. Thanks
     to C.J. Adams-Collier for the patch.  Closes: #594383
   * Remove French Government IGC/A CA certificates. The RSA certificate is
     included in the Mozilla bundle and the DSA certificate is not in use.
     Closes: #646767
   * Remove expired signet.pl CAs.  Closes: #647849
   * Remove expired brasil.gov.br CA.
   * Edit 20111025 changelog/NEWS entries to correctly list installed CAs
   * Use 'set -e' in body of debian/postinst
   * Update mozilla/certdata.txt to version 1.80
     (no added/removed CAs)
   * Update mozilla/certdata2pem.py to parse NETSCAPE or NSS data
Checksums-Sha1: 
 68df1e97e9dc923e47bc6604b7dc0bf707f0d68b 1747 ca-certificates_20111211.dsc
 7c13d7e1e6ea119ee6ab3b03e45ef7e48e5e9b63 277937 ca-certificates_20111211.tar.gz
 25998fd32380ded0b658034e53eedebf514bb8c9 175372 
ca-certificates_20111211_all.deb
Checksums-Sha256: 
 71b709cc33ac317e9a8d5f28051e122bd5aebbd28247fbc47f85e95f584ef05f 1747 
ca-certificates_20111211.dsc
 6f0633136d17ffef3ed0adfb171a00136a320f0fd79c9c75733ac02662a754a7 277937 
ca-certificates_20111211.tar.gz
 0ec173492418b32b07e400d4822ec9812e04207af7e6ea1f5064505ca9b80f3f 175372 
ca-certificates_20111211_all.deb
Files: 
 8ee60f575635f25563d1712e2bc02eaa 1747 misc optional 
ca-certificates_20111211.dsc
 f99a90a91b23338b4df765c0d18eba73 277937 misc optional 
ca-certificates_20111211.tar.gz
 02a3105a228f1e053926ed3dc397d8cd 175372 misc optional 
ca-certificates_20111211_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iQIVAwUBTuj6s4cvcCxNbiWoAQLnKA//dQv6eEwDpADMyz/EoizYsK4agifE3KiA
auIj/9gOsDcAYcCI8V85dV72j7URxG3uLzRT0x9g2pLyeiM6SCt8eOqphegUGD+Z
SVk+GdU6Qf/1OsAiyVm5eY8w+awvMXpiAdUDaz5HPmoDzOyagJCgamRXqe6Tdejy
VofPbPZWCb8yVph4onSOYCJ1jtllVlPOFiPYxewGEdqiW+sgw4jW7fdj+vKvkB1M
kMugyc0/GazJevIqIniQa9rj5ssfZ027CVFWu34Hhsm1GnRgqiiEVMGqtzrhD6Bw
FPj34+lrIyS5j+6mP5kOynd8D4r5OqYTvFeI4iE/p5uWCejBUYxxpNm3s4lryzCM
dyFXq56jPZJrnFeVxLisY0MUFbypzvmL1Fj1Gd9sppARmosvOQ6LWM3PrRiQrJLt
D4Fo/1ZYFHh8CSML1HqeTQ395LjIH+kRJMUheI99TA5GGJJNvqZjygo/qZuYslHE
V/qvAg06CdR7iPNUrpM404uCRAph7T61Bi/+y4nT3DkXhR6+obLmcnUdxFlrRSja
8C+rQeCh/CGwJdkpj8UOlsK+wMt8q8+vEMRe8qXGwSZjsyyuk8hk+OJ5xSBp3UdK
uAEb11IfDZUditDXuEzYxhq3gJqYu8E88uOXYfCQQ5nVUt4xbuw7+kswWwHtqb4D
xqqMVOPBwOg=
=xnOb
-----END PGP SIGNATURE-----

--- End Message ---