Hello community,
here is the log from the commit of package ca-certificates-mozilla for
openSUSE:Factory checked in at 2018-01-26 13:35:48
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/ca-certificates-mozilla (Old)
and /work/SRC/openSUSE:Factory/.ca-certificates-mozilla.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "ca-certificates-mozilla"
Fri Jan 26 13:35:48 2018 rev:38 rq:569458 version:2.22
Changes:
--------
---
/work/SRC/openSUSE:Factory/ca-certificates-mozilla/ca-certificates-mozilla.changes
2017-10-27 13:47:18.583593707 +0200
+++
/work/SRC/openSUSE:Factory/.ca-certificates-mozilla.new/ca-certificates-mozilla.changes
2018-01-26 13:35:49.707582343 +0100
@@ -1,0 +2,47 @@
+Thu Jan 25 09:43:25 UTC 2018 - [email protected]
+
+- Updated to 2.22 state of the Mozilla NSS Certificate store.
+- Removed CAs:
+
+ * ACEDICOM Root
+ * AddTrust Public CA Root
+ * AddTrust Qualified CA Root
+ * ApplicationCA - Japanese Government
+ * CA Disig Root R1
+ * CA WoSign ECC Root
+ * Certification Authority of WoSign G2
+ * Certinomis - Autorité Racine
+ * China Internet Network Information Center EV Certificates Root
+ * CNNIC ROOT
+ * Comodo Secure Certificate Services
+ * Comodo Trusted Certificate Services
+ * ComSign Secured CA
+ * DST ACES CA X6
+ * GeoTrust Global CA 2
+ * StartCom Certification Authority
+ * StartCom Certification Authority
+ * StartCom Certification Authority G2
+ * Swisscom Root CA 1
+ * TÜBİTAK UEKAE Kök Sertifika Hizmet Sağlayıcısı - Sürüm 3
+ * TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı
+ * TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı H6
+ * UTN USERFirst Hardware Root CA
+ * UTN USERFirst Object Root CA
+ * VeriSign Class 3 Secure Server CA - G2
+ * WellsSecure Public Root Certificate Authority
+ * Certification Authority of WoSign
+ * WoSign China
+
+- Added CAs:
+
+ * D-TRUST Root CA 3 2013
+ * GDCA TrustAUTH R5 ROOT
+ * SSL.com EV Root Certification Authority ECC
+ * SSL.com EV Root Certification Authority RSA R2
+ * SSL.com Root Certification Authority ECC
+ * SSL.com Root Certification Authority RSA
+ * TrustCor RootCert CA-1
+ * TrustCor RootCert CA-2
+ * TUBITAK Kamu SM SSL Kok Sertifikasi - Surum 1
+
+-------------------------------------------------------------------
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ ca-certificates-mozilla.spec ++++++
--- /var/tmp/diff_new_pack.bqoU7k/_old 2018-01-26 13:35:51.135515648 +0100
+++ /var/tmp/diff_new_pack.bqoU7k/_new 2018-01-26 13:35:51.139515461 +0100
@@ -1,7 +1,7 @@
#
# spec file for package ca-certificates-mozilla
#
-# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -26,7 +26,7 @@
Name: ca-certificates-mozilla
# Version number is NSS_BUILTINS_LIBRARY_VERSION in this file:
# http://hg.mozilla.org/projects/nss/file/default/lib/ckfw/builtins/nssckbi.h
-Version: 2.11
+Version: 2.22
Release: 0
Summary: CA certificates for OpenSSL
License: MPL-2.0
++++++ certdata.txt ++++++
++++ 30869 lines (skipped)
++++ between /work/SRC/openSUSE:Factory/ca-certificates-mozilla/certdata.txt
++++ and /work/SRC/openSUSE:Factory/.ca-certificates-mozilla.new/certdata.txt
++++++ nssckbi.h ++++++
--- /var/tmp/diff_new_pack.bqoU7k/_old 2018-01-26 13:35:51.323506867 +0100
+++ /var/tmp/diff_new_pack.bqoU7k/_new 2018-01-26 13:35:51.323506867 +0100
@@ -22,31 +22,32 @@
* to the list of trusted certificates.
*
* The NSS_BUILTINS_LIBRARY_VERSION_MINOR macro needs to be bumped
- * for each NSS minor release AND whenever we change the list of
- * trusted certificates. 10 minor versions are allocated for each
- * NSS 3.x branch as follows, allowing us to change the list of
- * trusted certificates up to 9 times on each branch.
- * - NSS 3.5 branch: 3-9
- * - NSS 3.6 branch: 10-19
- * - NSS 3.7 branch: 20-29
- * - NSS 3.8 branch: 30-39
- * - NSS 3.9 branch: 40-49
- * - NSS 3.10 branch: 50-59
- * - NSS 3.11 branch: 60-69
- * ...
- * - NSS 3.12 branch: 70-89
- * - NSS 3.13 branch: 90-99
- * - NSS 3.14 branch: 100-109
- * ...
- * - NSS 3.29 branch: 250-255
+ * whenever we change the list of trusted certificates.
+ *
+ * Please use the following rules when increasing the version number:
+ *
+ * - starting with version 2.14, NSS_BUILTINS_LIBRARY_VERSION_MINOR
+ * must always be an EVEN number (e.g. 16, 18, 20 etc.)
+ *
+ * - whenever possible, if older branches require a modification to the
+ * list, these changes should be made on the main line of development
(trunk),
+ * and the older branches should update to the most recent list.
+ *
+ * - ODD minor version numbers are reserved to indicate a snapshot that has
+ * deviated from the main line of development, e.g. if it was necessary
+ * to modify the list on a stable branch.
+ * Once the version has been changed to an odd number (e.g. 2.13) on a
branch,
+ * it should remain unchanged on that branch, even if further changes are
+ * made on that branch.
*
* NSS_BUILTINS_LIBRARY_VERSION_MINOR is a CK_BYTE. It's not clear
* whether we may use its full range (0-255) or only 0-99 because
* of the comment in the CK_VERSION type definition.
+ * It's recommend to switch back to 0 after having reached version 98/99.
*/
#define NSS_BUILTINS_LIBRARY_VERSION_MAJOR 2
-#define NSS_BUILTINS_LIBRARY_VERSION_MINOR 11
-#define NSS_BUILTINS_LIBRARY_VERSION "2.11"
+#define NSS_BUILTINS_LIBRARY_VERSION_MINOR 22
+#define NSS_BUILTINS_LIBRARY_VERSION "2.22"
/* These version numbers detail the semantic changes to the ckfw engine. */
#define NSS_BUILTINS_HARDWARE_VERSION_MAJOR 1
