Author: kevans
Date: Thu Dec 5 15:32:33 2019
New Revision: 355423
URL: https://svnweb.freebsd.org/changeset/base/355423
Log:
UPDATING: Add long-belated note about certs in base
While the interaction between this and the ETCSYMLINK option of
security/ca_root_nss isn't necessarily fatal, one should be aware and
attempt to understand the ramifications of mixing the two.
ports-secteam will be contacted to discuss the default option for branches
where certs are being included in base.
Modified:
head/UPDATING
Modified: head/UPDATING
==============================================================================
--- head/UPDATING Thu Dec 5 15:21:13 2019 (r355422)
+++ head/UPDATING Thu Dec 5 15:32:33 2019 (r355423)
@@ -26,6 +26,16 @@ NOTE TO PEOPLE WHO THINK THAT FreeBSD 13.x IS SLOW:
disable the most expensive debugging functionality run
"ln -s 'abort:false,junk:false' /etc/malloc.conf".)
+20191205:
+ The root certificates of the Mozilla CA Certificate Store have been
+ imported into the base system and can be managed with the certctl(8)
+ utility. If you have installed the security/ca_root_nss port or package
+ with the ETCSYMLINK option (the default), be advised that there may be
+ differences between those included in the port and those included in
+ base due to differences in nss branch used as well as general update
+ frequency. Note also that certctl(8) cannot manage certs in the
+ format used by the security/ca_root_nss port.
+
20191120:
The amd(8) automount daemon has been disabled by default, and will be
removed in the future. As of FreeBSD 10.1 the autofs(5) is available
_______________________________________________
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
