Hello community,
here is the log from the commit of package ca-certificates-mozilla for
openSUSE:Factory checked in at 2017-02-01 09:48:14
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/ca-certificates-mozilla (Old)
and /work/SRC/openSUSE:Factory/.ca-certificates-mozilla.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "ca-certificates-mozilla"
Changes:
--------
---
/work/SRC/openSUSE:Factory/ca-certificates-mozilla/ca-certificates-mozilla.changes
2016-04-11 09:14:27.000000000 +0200
+++
/work/SRC/openSUSE:Factory/.ca-certificates-mozilla.new/ca-certificates-mozilla.changes
2017-02-03 17:33:50.933415327 +0100
@@ -1,0 +2,75 @@
+Tue Jan 24 12:46:29 UTC 2017 - [email protected]
+
+- updated to 2.11 state of the Mozilla NSS Certificate store.
+- removed CAs:
+ - Buypass_Class_2_CA_1:2.1.1.crt
+ serverAuth
+ -
EBG_Elektronik_Sertifika_Hizmet_Sağlayıcısı:2.8.76.175.115.66.28.142.116.2.crt
+ codeSigning emailProtection serverAuth
+ - Equifax_Secure_CA:2.4.53.222.244.207.crt
+ emailProtection
+ - Equifax_Secure_eBusiness_CA_1:2.1.4.crt
+ emailProtection
+ - Equifax_Secure_Global_eBusiness_CA:2.1.1.crt
+ emailProtection
+ - IGC_A:2.5.57.17.69.16.148.crt
+ codeSigning emailProtection serverAuth
+ - Juur-SK:2.4.59.142.75.252.crt
+ codeSigning serverAuth
+ - Root_CA_Generalitat_Valenciana:2.4.59.69.229.104.crt
+ codeSigning emailProtection serverAuth
+ - RSA_Security_2048_v3:2.16.10.1.1.1.0.0.2.124.0.0.0.10.0.0.0.2.crt
+ codeSigning emailProtection serverAuth
+ - Sonera_Class_1_Root_CA:2.1.36.crt
+ emailProtection
+ -
S-TRUST_Authentication_and_Encryption_Root_CA_2005_PN:2.16.55.25.24.230.83.84.124.26.181.184.203.89.90.219.53.183.crt
+ emailProtection
+ -
Verisign_Class_1_Public_Primary_Certification_Authority:2.16.63.105.30.129.156.240.154.74.243.115.255.185.72.162.228.221.crt
+ emailProtection
+ -
Verisign_Class_2_Public_Primary_Certification_Authority_-_G2:2.17.0.185.47.96.204.136.159.161.122.70.9.184.91.112.108.138.175.crt
+ emailProtection
+ -
Verisign_Class_3_Public_Primary_Certification_Authority:2.16.112.186.228.29.16.217.41.52.182.56.202.123.3.204.186.191.crt
+ emailProtection
+- added CAs:
+ + AC_RAIZ_FNMT-RCM:2.15.93.147.141.48.103.54.200.6.29.26.199.84.132.105.7.crt
+ serverAuth
+ +
Amazon_Root_CA_1:2.19.6.108.159.207.153.191.140.10.57.226.240.120.138.67.230.150.54.91.202.crt
+ emailProtection serverAuth
+ +
Amazon_Root_CA_2:2.19.6.108.159.210.150.53.134.159.10.15.229.134.120.248.91.38.187.138.55.crt
+ emailProtection serverAuth
+ +
Amazon_Root_CA_3:2.19.6.108.159.213.116.151.54.102.63.59.11.154.217.232.158.118.3.242.74.crt
+ emailProtection serverAuth
+ +
Amazon_Root_CA_4:2.19.6.108.159.215.193.187.16.76.41.67.229.113.123.123.44.200.26.193.14.crt
+ emailProtection serverAuth
+ +
Certplus_Root_CA_G1:2.18.17.32.85.131.228.45.62.84.86.133.45.131.55.183.44.220.70.17.crt
+ emailProtection serverAuth
+ +
Certplus_Root_CA_G2:2.18.17.32.217.145.206.174.163.232.197.231.255.233.2.175.207.115.188.85.crt
+ emailProtection serverAuth
+ + Hellenic_Academic_and_Research_Institutions_ECC_RootCA_2015:2.1.0.crt
+ emailProtection serverAuth
+ + Hellenic_Academic_and_Research_Institutions_RootCA_2015:2.1.0.crt
+ emailProtection serverAuth
+ +
ISRG_Root_X1:2.17.0.130.16.207.176.210.64.227.89.68.99.224.187.99.130.139.0.crt
(bsc#1010996)
+ serverAuth
+ +
LuxTrust_Global_Root_2:2.20.10.126.166.223.75.68.158.218.106.36.133.158.230.184.21.211.22.127.187.177.crt
+ serverAuth
+ +
OpenTrust_Root_CA_G1:2.18.17.32.179.144.85.57.125.127.54.109.100.194.167.159.107.99.142.103.crt
+ emailProtection serverAuth
+ +
OpenTrust_Root_CA_G2:2.18.17.32.161.105.27.191.189.185.189.82.150.143.35.232.72.191.38.17.crt
+ emailProtection serverAuth
+ +
OpenTrust_Root_CA_G3:2.18.17.32.230.248.76.252.36.176.190.5.64.172.218.131.27.52.96.63.crt
+ emailProtection serverAuth
+ +
Symantec_Class_1_Public_Primary_Certification_Authority_-_G4:2.16.33.110.51.165.203.211.136.164.111.41.7.180.39.60.196.216.crt
+ emailProtection
+ +
Symantec_Class_1_Public_Primary_Certification_Authority_-_G6:2.16.36.50.117.242.29.47.210.9.51.247.180.106.202.208.243.152.crt
+ emailProtection
+ +
Symantec_Class_2_Public_Primary_Certification_Authority_-_G4:2.16.52.23.101.18.64.59.183.86.128.45.128.203.121.85.166.30.crt
+ emailProtection
+ +
Symantec_Class_2_Public_Primary_Certification_Authority_-_G6:2.16.100.130.158.252.55.30.116.93.252.151.255.151.200.177.255.65.crt
+ emailProtection
+
+- diff-from-upstream-2.7.patch: removed as we should be able to do
+ intermediate root chains now with openssl 1.0.2 and also gnutls 3.5
+ is able to do so.
+
+-------------------------------------------------------------------
Old:
----
diff-from-upstream-2.7.patch
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ ca-certificates-mozilla.spec ++++++
--- /var/tmp/diff_new_pack.Kgu3lj/_old 2017-02-03 17:33:51.589322492 +0100
+++ /var/tmp/diff_new_pack.Kgu3lj/_new 2017-02-03 17:33:51.593321926 +0100
@@ -1,7 +1,7 @@
#
# spec file for package ca-certificates-mozilla
#
-# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -26,7 +26,7 @@
Name: ca-certificates-mozilla
# Version number is NSS_BUILTINS_LIBRARY_VERSION in this file:
# http://hg.mozilla.org/projects/nss/file/default/lib/ckfw/builtins/nssckbi.h
-Version: 2.7
+Version: 2.11
Release: 0
Summary: CA certificates for OpenSSL
License: MPL-2.0
@@ -49,9 +49,6 @@
Source11: %{name}.COPYING
Source12: compareoldnew
-# openssl 1.0.2 might not need it anymore, but gnutls / pidgin does ...
-Patch0: diff-from-upstream-2.7.patch
-
BuildRoot: %{_tmppath}/%{name}-%{version}-build
BuildArch: noarch
# for update-ca-certificates
@@ -71,7 +68,6 @@
%setup -qcT
/bin/cp %{SOURCE0} .
-patch <%{PATCH0}
install -m 644 %{SOURCE11} COPYING
ver=`sed -ne '/NSS_BUILTINS_LIBRARY_VERSION /s/.*"\(.*\)"/\1/p' < "%{SOURCE1}"`
++++++ certdata.txt ++++++
++++ 4640 lines (skipped)
++++ between /work/SRC/openSUSE:Factory/ca-certificates-mozilla/certdata.txt
++++ and /work/SRC/openSUSE:Factory/.ca-certificates-mozilla.new/certdata.txt
++++++ nssckbi.h ++++++
--- /var/tmp/diff_new_pack.Kgu3lj/_old 2017-02-03 17:33:51.733302114 +0100
+++ /var/tmp/diff_new_pack.Kgu3lj/_new 2017-02-03 17:33:51.733302114 +0100
@@ -45,8 +45,8 @@
* of the comment in the CK_VERSION type definition.
*/
#define NSS_BUILTINS_LIBRARY_VERSION_MAJOR 2
-#define NSS_BUILTINS_LIBRARY_VERSION_MINOR 7
-#define NSS_BUILTINS_LIBRARY_VERSION "2.7"
+#define NSS_BUILTINS_LIBRARY_VERSION_MINOR 11
+#define NSS_BUILTINS_LIBRARY_VERSION "2.11"
/* These version numbers detail the semantic changes to the ckfw engine. */
#define NSS_BUILTINS_HARDWARE_VERSION_MAJOR 1
