summaryrefslogtreecommitdiff
path: root/debian/NEWS
blob: cf531b919df768d60e4e7af38707becf559572d2 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243

ca-certificates (20130906) unstable; urgency=low

  Update mozilla/certdata.txt to version 1.94
    Certificates added (+) and removed (-):
    + "CA Disig Root R1"
    + "CA Disig Root R2"
    + "China Internet Network Information Center EV Certificates Root"
    + "D-TRUST Root Class 3 CA 2 2009"
    + "D-TRUST Root Class 3 CA 2 EV 2009"
    + "PSCProcert"
    + "Swisscom Root CA 2"
    + "Swisscom Root EV CA 2"
    + "TURKTRUST Certificate Services Provider Root 2007"
    - "Equifax Secure eBusiness CA 2"
    - "TC TrustCenter Universal CA III"

 -- Michael Shuler <michael@pbandjelly.org>  Fri, 06 Sep 2013 11:31:06 -0500

ca-certificates (20130610) unstable; urgency=low

  CAcert root and class3 certificates are now installed as individual
  files, no longer as the concatenation of the two. The certificates
  are installed as cacert.org_root.crt and cacert.org_class3.crt for
  ease of identification.

  Remove obsolete debconf.org CA.
  Remove obsolete SPI CA certificate expired in 2007.

 -- Thijs Kinkhorst <thijs@debian.org>  Mon, 10 Jun 2013 19:57:05 +0200

ca-certificates (20130119) unstable; urgency=low

  Update mozilla/certdata.txt to version 1.87
    Certificates removed (-) (none added):
    - "TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı"

 -- Michael Shuler <michael@pbandjelly.org>  Sat, 19 Jan 2013 14:08:50 -0600

ca-certificates (20121105) unstable; urgency=low

  Update mozilla/certdata.txt to version 1.86
    Certificates added (+) (none removed):
    + "Actalis Authentication Root CA"
    + "Trustis FPS Root CA"
    + "StartCom Certification Authority" (renewal/rehash)
    + "StartCom Certification Authority G2"
    + "Buypass Class 2 Root CA"
    + "Buypass Class 3 Root CA"
    + "TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı"
    + "T-TeleSec GlobalRoot Class 3"
    + "EE Certification Centre Root CA"

 -- Michael Shuler <michael@pbandjelly.org>  Mon, 05 Nov 2012 10:56:28 -0600

ca-certificates (20120212) unstable; urgency=low

  Update mozilla/certdata.txt to version 1.81
    Certificates added (+) and removed (-):
    + "Security Communication RootCA2"
    + "EC-ACC"
    + "Hellenic Academic and Research Institutions RootCA 2011"
    - "Verisign Class 2 Public Primary Certification Authority"
    - "Verisign Class 4 Public Primary Certification Authority - G2"
    - "TC TrustCenter, Germany, Class 2 CA"
    - "TC TrustCenter, Germany, Class 3 CA"

 -- Michael Shuler <michael@pbandjelly.org>  Sun, 12 Feb 2012 15:12:59 -0600

ca-certificates (20111211) unstable; urgency=low

  Remove French Government IGC/A CA certificates. The RSA certificate is
    included in the Mozilla bundle and the DSA certificate is not in use.
  Remove expired signet.pl CAs.
  Remove expired brasil.gov.br CA.

 -- Michael Shuler <michael@pbandjelly.org>  Sun, 11 Dec 2011 19:05:32 -0600

ca-certificates (20111025) unstable; urgency=low

  Update mozilla/certdata.txt to latest (NSS branch version 1.64.2.13)
    Certificates added (+) and removed (-):
    + "AffirmTrust Commercial"
    + "AffirmTrust Networking"
    + "AffirmTrust Premium"
    + "AffirmTrust Premium ECC"
    + "A-Trust-nQual-03"
    + "Certinomis - Autorité Racine"
    + "Certum Trusted Network CA"
    + "Go Daddy Root Certificate Authority - G2"
    + "Root CA Generalitat Valenciana"
    + "Starfield Root Certificate Authority - G2"
    + "Starfield Services Root Certificate Authority - G2"
    + "TWCA Root Certification Authority"
    - "AOL Time Warner Root Certification Authority 1"
    - "AOL Time Warner Root Certification Authority 2"
    - "DigiNotar Root CA"
    - "Entrust.net Global Secure Personal CA"
    - "Entrust.net Global Secure Server CA"
    - "Entrust.net Secure Personal CA"
    - "IPS Chained CAs root"
    - "IPS CLASE1 root"
    - "IPS CLASE3 root"
    - "IPS CLASEA1 root"
    - "IPS CLASEA3 root"
    - "IPS Timestamping root"
    - "Thawte Personal Freemail CA"
    - "Thawte Time Stamping CA"
  Update CAcert-Class 3-Subroot-certificate  Closes: #630232

 -- Michael Shuler <michael@pbandjelly.org>  Sun, 23 Oct 2011 23:16:57 -0500

ca-certificates (20090708) unstable; urgency=low

  * Removed CA files:
    - cacert.org/root.crt and cacert.org/class3.crt:
      Both certificate files were deprecated with 20080809.  Users of these
      root certificates are encouraged to switch to
      `cacert.org/cacert.org.crt' which contains both class 1 and class 3
      roots joined in a single file.
    - quovadis.bm/QuoVadis_Root_Certification_Authority.crt:
      This certificate has been added into the Mozilla truststore and
      is available as `mozilla/QuoVadis_Root_CA.crt'.

 -- Philipp Kern <pkern@debian.org>  Wed, 08 Jul 2009 23:19:56 +0200

ca-certificates (20090701) unstable; urgency=low

  * Readded Equifax Secure Global eBusiness CA.

 -- Philipp Kern <pkern@debian.org>  Wed, 01 Jul 2009 14:47:02 +0200

ca-certificates (20090624) unstable; urgency=low

  * This update eases the installation of local certification authorities
    by providing a canonical location in `/usr/local/share/ca-certificates'.
    All certificates found in this directory will automatically be included
    into the list of trusted certificates.  For details please see
    `/usr/share/doc/ca-certificates/README.Debian'.
  * New CA certificates:
    - COMODO ECC Certification Authority
    - DigiNotar Root CA
    - Network Solutions Certificate Authority
    - WellsSecure Public Root Certificate Authority
  * Removed CA certificates:
    - Equifax Secure Global eBusiness CA
    - UTN USERFirst Object Root CA

 -- Philipp Kern <pkern@debian.org>  Wed, 24 Jun 2009 21:04:45 +0200

ca-certificates (20080809) unstable; urgency=low

  * New cacert.org.pem joining both CACert Class 1 and Class 3 certificates.
    This file can be used for proper certificate chaining if CACert
    server certificates are used.  The old class3.pem and root.pem
    certificates are deprecated.  This new file could safely serve as
    a replacement for both.

 -- Philipp Kern <pkern@debian.org>  Sat, 09 Aug 2008 14:58:24 -0300

ca-certificates (20080617) unstable; urgency=low

  * New CA certificates:
    - gouv.fr: added French Government's IGC/A CA
    - spi-inc.org: added new SPI CA certificate, created in reponse to
      the infamous OpenSSL security update (already in 20080514)
  * Removed CA certificates:
    - spi-inc.org: removed old, still valid but possibly compromised
      SPI CA certificates from 2006 and 2007 (already in 20080514)

 -- Philipp Kern <pkern@debian.org>  Fri, 20 Jun 2008 10:05:49 +0200

ca-certificates (20080411) unstable; urgency=low

  * New CA certificates:
    - spi-inc.org: current SPI CA certificate
    - telesec.de: added Deutsche Telekom Root CA 2
    - mozilla:
      + Camerfirma Chambers of Commerce Root
      + Camerfirma Global Chambersign Root
      + Certplus Class 2 Primary CA
      + COMODO Certification Authority
      + DigiCert Assured ID Root CA
      + DigiCert Global Root CA
      + DigiCert High Assurance EV Root CA
      + DST ACES CA X6
      + DST Root CA X3
      + Entrust Root Certification Authority
      + Firmaprofesional Root CA
      + GeoTrust Global CA 2
      + GeoTrust Primary Certification Authority
      + GeoTrust Universal CA
      + GeoTrust Universal CA 2
      + GlobalSign Root CA - R2
      + Go Daddy Class 2 CA
      + NetLock Business (Class B) Root
      + NetLock Express (Class C) Root
      + NetLock Notary (Class A) Root
      + NetLock Qualified (Class QA) Root
      + QuoVadis Root CA 2
      + QuoVadis Root CA 3
      + Secure Global CA
      + SecureTrust CA
      + Starfield Class 2 CA
      + StartCom Certification Authority
      + StartCom Ltd.
      + Swisscom Root CA 1
      + SwissSign Gold CA - G2
      + SwissSign Platinum CA - G2
      + SwissSign Silver CA - G2
      + Taiwan GRCA
      + thawte Primary Root CA
      + TURKTRUST Certificate Services Provider Root 1
      + TURKTRUST Certificate Services Provider Root 2
      + VeriSign Class 3 Public Primary Certification Authority - G5
      + Wells Fargo Root CA
      + XRamp Global CA Root
  * Removed CA certificates:
    - mozilla:
      + Verisign Class 1 Public Primary OCSP Responder
      + Verisign Class 2 Public Primary OCSP Responder
      + Verisign Class 3 Public Primary OCSP Responder
      + Verisign Secure Server OCSP Responder

 -- Philipp Kern <pkern@debian.org>  Mon, 07 Apr 2008 18:00:06 +0200

ca-certificates (20070303) unstable; urgency=low

  * New CA certificates:
    - debconf.org: DebConf
    - cacert.org: add class3

 -- Fumitoshi UKAI <ukai@debian.or.jp>  Sat,  3 Mar 2007 21:21:50 -0800

ca-certificates (20040808) unstable; urgency=low

  * New CA certificates:
   - brasil.gov.gr: Autoridade Certificadora Raiz Brasileira
   - signet.pl: Certification Center Signet (CC Signet)
   - quovadis.bm: QuoVadis CA certificates
  * Remove CA certificates:
   - debian.org: revoked due to crack incident.

 -- Fumitoshi UKAI <ukai@debian.or.jp>  Sun,  8 Aug 2004 22:43:36 +0900
View Lorry Controller Status