On 02/20/2012 02:50 PM, Josh Triplett wrote: > When upgrading ca-certificates from lenny to squeeze, one of the > previous ca-certificates NEWS entries mentions the addition of the > DigiNotar root CA. The squeeze update to ca-certificates that removes > DigiNotar does not include a corresponding NEWS entry. As a result, > people upgrading from lenny to squeeze and using apt-listchanges see > NEWS entries which note the addition of DigiNotar and not its removal. > > In my case this led me to wonder whether the version I upgraded to still > had the DigiNotar certificate, and manually dig through the changelog to > verify. > > The squeeze update for ca-certificates should have a NEWS entry noting > the removed certificate.
The blacklisting of the DigiNotar CA was done as an NMU. Per policy, as little changes to the package were made as possible, but as you found, the changelog clearly stated the DigiNotar blacklisting. Updating stable only to include a NEWS item seems rather irrelevant. However, I am planning on a stable-update for to include the latest version of the ca-certificates package. As I've wondered the value of NEWS for people searching for CA adds/removes, perhaps it is time to remove it - all that information is in debian/changelog. -- Kind regards, Michael -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
