Hi,
Michael Shuler wrote (18 Nov 2012 21:22:54 GMT) :
20121114 has not been uploaded to unstable, yet, so I had some time to
rebuild and include an additional note, today:
* Update mozilla/certdata.txt to version 1.86 Closes: #683728
- Replace legacy no explicit trust flag of
On 11/15/2012 08:46 AM, Michael Shuler wrote:
On 11/14/2012 06:12 PM, intrigeri wrote:
I think it would be even better to replace clean up with some
version of parsing certdata.txt for the ca-certificates package,
neither of these flags are used when the CA trust database is created,
so both
Hi,
Michael Shuler wrote (11 Nov 2012 20:59:10 GMT) :
In parsing certdata.txt for the ca-certificates package, neither of
these flags are used when the CA trust database is created, so both
CKT_NSS_MUST_VERIFY_TRUST and CKT_NSS_TRUST_UNKNOWN flags are
ignored. This is why I indicated these
On 15.11.2012 00:12, intrigeri wrote:
In any case, this is starting to look like a pre-approval request
more
than a unblock one, since the actual package to unblock has not been
uploaded yet. So, I guess it might be dealt with slightly faster if
the bug against release.d.o was formally put into
On 11/14/2012 06:12 PM, intrigeri wrote:
Michael Shuler wrote (11 Nov 2012 20:59:10 GMT) :
In parsing certdata.txt for the ca-certificates package, neither of
these flags are used when the CA trust database is created, so both
CKT_NSS_MUST_VERIFY_TRUST and CKT_NSS_TRUST_UNKNOWN flags are
Hi,
Michael Shuler wrote (10 Nov 2012 19:02:14 GMT) :
I intended to add a comment that those lines are in the debdiff from
the new certdata.txt and that they are innocuous.
That may be me nitpicking, but they are innocuous does not really
address my desire to understand an undocumented change
On 11/11/2012 12:15 PM, intrigeri wrote:
That may be me nitpicking, but they are innocuous does not really
address my desire to understand an undocumented change in
a security-sensitive area. I'm still curious and feeling like this
should be documented somehow, but I'll happily let others
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Please unblock package ca-certificates
ca-certificates/20121105 has been uploaded to unstable and includes two
important fixes for Wheezy:
tags 692911 + moreinfo
thanks
Hi,
Michael Shuler wrote (10 Nov 2012 17:52:41 GMT) :
unblock ca-certificates/20121105
There are multiple instances of:
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUST_UNKNOWN
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
I guess that was imported
Processing commands for cont...@bugs.debian.org:
tags 692911 + moreinfo
Bug #692911 [release.debian.org] unblock: ca-certificates/20121105
Added tag(s) moreinfo.
thanks
Stopping processing here.
Please contact me if you need assistance.
--
692911:
On 11/10/2012 12:23 PM, intrigeri wrote:
Michael Shuler wrote (10 Nov 2012 17:52:41 GMT) :
unblock ca-certificates/20121105
There are multiple instances of:
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUST_UNKNOWN
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
I guess that was
11 matches
Mail list logo