On Sun, Sep 25, 2016 at 10:31 AM, Ralph Corderoy <[email protected]> wrote:
> It's not quite that bad. Debian stable is Jessie, and it has > ca-certificates 20141019+deb8u1 which you'd think was 2014, but > http://metadata.ftp-master.debian.org/changelogs//main/c/ > ca-certificates/ca-certificates_20141019+deb8u1_changelog > shows an update on 2015-12-14 to kick out some of the untrustworthy > authorities under > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=806239 > > I'd hope Debian ARM has that. > Ralph, I sit corrected. I should not have researched that before drinking my coffee. I also see another pending update from 2016-08-16 to deb8u2 that has not yet been pushed. What would be good to find is a script that can do an audit of a system's ca-certificates and list any that have been revoked or have expired and run this on our build servers. A quick google doesn't turn up one for Linux. Thanks Jeff -- Jeffrey C. Honig <[email protected]> https://jchonig.withknown.com GnuPG ID:14E29E13 <http://jch.honig.net/Home/pgp_key> Keybase: jchonig <https://keybase.io/jchonig>
_______________________________________________ Nmh-workers mailing list [email protected] https://lists.nongnu.org/mailman/listinfo/nmh-workers
