Bug#919433: RFS: ca-certificates/20190110 [RC;Security]
Hi Pierre-Elliott, Pierre-Elliott Bécue wrote: > Did you find the time to review these changes? Working on it this moment. :-) Regards, Axel -- ,''`. | Axel Beckert , https://people.debian.org/~abe/ : :' : | Debian Developer, ftp.ch.debian.org Admin `. `' | 4096R: 2517 B724 C5F6 CA99 5329 6E61 2FF9 CD59 6126 16B5 `-| 1024D: F067 EA27 26B9 C3FC 1486 202E C09E 1D89 9593 0EDE
Bug#919433: RFS: ca-certificates/20190110 [RC;Security]
Le mardi 22 janvier 2019 à 13:09:21+0100, Axel Beckert a écrit : > Hi Michael, > > Michael Shuler wrote: > > * debian/ca-certificates.postinst: > > Fix permissions on /usr/local/share/ca-certificates when using symlinks. > > Closes: #916833 > > * sbin/update-ca-certificates: > > Remove orphan symlinks found in /etc/ssl/certs to prevent `openssl > > rehash` from exiting with an error. Closes: #895482, #895473 > > This will also fix removal of user CA certificates from /usr/local > > without > > needing to run --fresh. Closes: #911303 > > This sounds very promising, thanks! > > Will test it on the two of my affected machines probably this evening > and sponsor it if there aren't any blockers (which I don't expect :-). > > (If any other DD is quicker, feel free to sponsor the package, if I > haven't done it by then. :-) Hi Axel, Did you find the time to review these changes? If you're busy, I'll take care of the upload, but I have no instance where to test the current changes. Best regards, -- Pierre-Elliott Bécue GPG: 9AE0 4D98 6400 E3B6 7528 F493 0D44 2664 1949 74E2 It's far easier to fight for one's principles than to live up to them. signature.asc Description: PGP signature
Bug#919433: RFS: ca-certificates/20190110 [RC;Security]
Hi Michael, Michael Shuler wrote: > * debian/ca-certificates.postinst: > Fix permissions on /usr/local/share/ca-certificates when using symlinks. > Closes: #916833 > * sbin/update-ca-certificates: > Remove orphan symlinks found in /etc/ssl/certs to prevent `openssl > rehash` from exiting with an error. Closes: #895482, #895473 > This will also fix removal of user CA certificates from /usr/local without > needing to run --fresh. Closes: #911303 This sounds very promising, thanks! Will test it on the two of my affected machines probably this evening and sponsor it if there aren't any blockers (which I don't expect :-). (If any other DD is quicker, feel free to sponsor the package, if I haven't done it by then. :-) Regards, Axel -- ,''`. | Axel Beckert , https://people.debian.org/~abe/ : :' : | Debian Developer, ftp.ch.debian.org Admin `. `' | 4096R: 2517 B724 C5F6 CA99 5329 6E61 2FF9 CD59 6126 16B5 `-| 1024D: F067 EA27 26B9 C3FC 1486 202E C09E 1D89 9593 0EDE
Bug#919433: RFS: ca-certificates/20190110 [RC;Security]
Package: sponsorship-requests Severity: important Dear mentors, I am looking for a sponsor for my package "ca-certificates" * Package name: ca-certificates Version : 20190110 * License : GPL-2+, MPL-2.0 Section : misc It builds those binary packages: ca-certificates - Common CA certificates ca-certificates-udeb - Common CA certificates - udeb (udeb) To access further information about this package, please visit the following URL: https://mentors.debian.net/package/ca-certificates Alternatively, one can download the package with dget using this command: dget -x https://mentors.debian.net/debian/pool/main/c/ca-certificates/ca-certificates_20190110.dsc Changes since the last upload: ca-certificates (20190110) unstable; urgency=high * debian/control: Depend on openssl (>= 1.1.1). Set Standards-Version: 4.3.0.1. Set Build-Depends: debhelper-compat (= 12); drop d/compat Remove trailing whitespace from d/changelog. * debian/ca-certificates.postinst: Fix permissions on /usr/local/share/ca-certificates when using symlinks. Closes: #916833 * sbin/update-ca-certificates: Remove orphan symlinks found in /etc/ssl/certs to prevent `openssl rehash` from exiting with an error. Closes: #895482, #895473 This will also fix removal of user CA certificates from /usr/local without needing to run --fresh. Closes: #911303 * mozilla/{certdata.txt,nssckbi.h}: Update Mozilla certificate authority bundle to version 2.28. The following certificate authorities were added (+): + "GlobalSign Root CA - R6" + "OISTE WISeKey Global Root GC CA" The following certificate authorities were removed (-): - "Certplus Root CA G1" - "Certplus Root CA G2" - "OpenTrust Root CA G1" - "OpenTrust Root CA G2" - "OpenTrust Root CA G3" - "TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı H5" - "Visa eCommerce Root" -- Michael Shuler Thu, 10 Jan 2019 19:31:31 -0600 -- Kind regards, Michael signature.asc Description: OpenPGP digital signature