1
0
ca-certificates-mozilla/ca-certificates-mozilla.changes

268 lines
10 KiB
Plaintext
Raw Normal View History

-------------------------------------------------------------------
Tue Jun 10 12:52:29 UTC 2014 - meissner@suse.com
- in sle11 we bumped openssl-certs version to match the NSS version,
so provide/obsolete the current version.
-------------------------------------------------------------------
Wed Jun 4 08:21:33 UTC 2014 - lnussel@suse.de
- updated certificates to revision 1.97 (bnc#881241)
new: "Atos TrustedRoot 2011" (codeSigning emailProtection serverAuth)
new: "Tugra Certification Authority" (codeSigning serverAuth)
removed: "Firmaprofesional Root CA"
removed: "TDC OCES Root CA"
new: "TeliaSonera Root CA v1" (emailProtection serverAuth)
new: "T-TeleSec GlobalRoot Class 2" (emailProtection serverAuth)
-------------------------------------------------------------------
Fri Feb 21 16:18:35 UTC 2014 - meissner@suse.com
- updated certificates to revision 1.96 (bnc#865080)
new: ACCVRAIZ1.pem (Spain) (all trusts)
new: SG_TRUST_SERVICES_RACINE.pem (Singapore) (email signing only)
new: TWCA_Global_Root_CA.pem (Taiwanese) (all trusts)
removed: Wells_Fargo_Root_CA.pem
-------------------------------------------------------------------
Mon Dec 9 16:01:29 UTC 2013 - meissner@suse.com
- Updated to 1.95
Distrust a sub-ca that issued google.com certificates.
"Distrusted AC DG Tresor SSL" (bnc#854367)
-------------------------------------------------------------------
Mon Dec 9 09:56:32 UTC 2013 - lnussel@suse.de
- fix handling of certificates with same name (bnc#854163)
- Updated to 1.94 * new: CA_Disig_Root_R1:2.9.0.195.3.154.238.80.144.110.40.crt server auth, code signing, email signing * new: CA_Disig_Root_R2:2.9.0.146.184.136.219.176.138.193.99.crt server auth, code signing, email signing * new: China_Internet_Network_Information_Center_EV_Certificates_Root:2.4.72.159.0.1.crt server auth * changed: Digital_Signature_Trust_Co._Global_CA_1:2.4.54.112.21.150.crt removed code signing and server auth abilities * changed: Digital_Signature_Trust_Co._Global_CA_3:2.4.54.110.211.206.crt removed code signing and server auth abilities * new: D-TRUST_Root_Class_3_CA_2_2009:2.3.9.131.243.crt server auth * new: D-TRUST_Root_Class_3_CA_2_EV_2009:2.3.9.131.244.crt server auth * removed: Entrust.net_Premium_2048_Secure_Server_CA:2.4.56.99.185.102.crt * new: Entrust.net_Premium_2048_Secure_Server_CA:2.4.56.99.222.248.crt I think the missing flags were adjusted. * removed: Equifax_Secure_eBusiness_CA_2:2.4.55.112.207.181.crt * new: PSCProcert:2.1.11.crt server auth, code signing, email signing * new: Swisscom_Root_CA_2:2.16.30.158.40.232.72.242.229.239.195.124.74.30.90.24.103.182.crt server auth, code signing, email signing * new: Swisscom_Root_EV_CA_2:2.17.0.242.250.100.226.116.99.211.141.253.16.29.4.31.118.202.88.crt server auth, code signing * changed: TC_TrustCenter_Universal_CA_III:2.14.99.37.0.1.0.2.20.141.51.21.2.228.108.244.crt removed all abilities * new: TURKTRUST_Certificate_Services_Provider_Root_2007:2.1.1.crt server auth, code signing * changed: TWCA_Root_Certification_Authority:2.1.1.crt OBS-URL: https://build.opensuse.org/package/show/Base:System/ca-certificates-mozilla?expand=0&rev=45
2013-10-29 14:59:48 +01:00
-------------------------------------------------------------------
Tue Oct 29 13:52:16 UTC 2013 - meissner@suse.com
- Updated to 1.94
* new: CA_Disig_Root_R1:2.9.0.195.3.154.238.80.144.110.40.crt
server auth, code signing, email signing
* new: CA_Disig_Root_R2:2.9.0.146.184.136.219.176.138.193.99.crt
server auth, code signing, email signing
* new: China_Internet_Network_Information_Center_EV_Certificates_Root:2.4.72.159.0.1.crt
server auth
* changed: Digital_Signature_Trust_Co._Global_CA_1:2.4.54.112.21.150.crt
removed code signing and server auth abilities
* changed: Digital_Signature_Trust_Co._Global_CA_3:2.4.54.110.211.206.crt
removed code signing and server auth abilities
* new: D-TRUST_Root_Class_3_CA_2_2009:2.3.9.131.243.crt
server auth
* new: D-TRUST_Root_Class_3_CA_2_EV_2009:2.3.9.131.244.crt
server auth
* removed: Entrust.net_Premium_2048_Secure_Server_CA:2.4.56.99.185.102.crt
* new: Entrust.net_Premium_2048_Secure_Server_CA:2.4.56.99.222.248.crt
I think the missing flags were adjusted.
* removed: Equifax_Secure_eBusiness_CA_2:2.4.55.112.207.181.crt
* new: PSCProcert:2.1.11.crt
server auth, code signing, email signing
* new: Swisscom_Root_CA_2:2.16.30.158.40.232.72.242.229.239.195.124.74.30.90.24.103.182.crt
server auth, code signing, email signing
* new: Swisscom_Root_EV_CA_2:2.17.0.242.250.100.226.116.99.211.141.253.16.29.4.31.118.202.88.crt
server auth, code signing
* changed: TC_TrustCenter_Universal_CA_III:2.14.99.37.0.1.0.2.20.141.51.21.2.228.108.244.crt
removed all abilities
* new: TURKTRUST_Certificate_Services_Provider_Root_2007:2.1.1.crt
server auth, code signing
* changed: TWCA_Root_Certification_Authority:2.1.1.crt
added code signing ability
- removed temporary Entrust.net_Premium_2048_Secure_Server_CA.p11-kit override.
- Updated to 1.94 * new: CA_Disig_Root_R1:2.9.0.195.3.154.238.80.144.110.40.crt server auth, code signing, email signing * new: CA_Disig_Root_R2:2.9.0.146.184.136.219.176.138.193.99.crt server auth, code signing, email signing * new: China_Internet_Network_Information_Center_EV_Certificates_Root:2.4.72.159.0.1.crt server auth * changed: Digital_Signature_Trust_Co._Global_CA_1:2.4.54.112.21.150.crt removed code signing and server auth abilities * changed: Digital_Signature_Trust_Co._Global_CA_3:2.4.54.110.211.206.crt removed code signing and server auth abilities * new: D-TRUST_Root_Class_3_CA_2_2009:2.3.9.131.243.crt server auth * new: D-TRUST_Root_Class_3_CA_2_EV_2009:2.3.9.131.244.crt server auth * removed: Entrust.net_Premium_2048_Secure_Server_CA:2.4.56.99.185.102.crt * new: Entrust.net_Premium_2048_Secure_Server_CA:2.4.56.99.222.248.crt I think the missing flags were adjusted. * removed: Equifax_Secure_eBusiness_CA_2:2.4.55.112.207.181.crt * new: PSCProcert:2.1.11.crt server auth, code signing, email signing * new: Swisscom_Root_CA_2:2.16.30.158.40.232.72.242.229.239.195.124.74.30.90.24.103.182.crt server auth, code signing, email signing * new: Swisscom_Root_EV_CA_2:2.17.0.242.250.100.226.116.99.211.141.253.16.29.4.31.118.202.88.crt server auth, code signing * changed: TC_TrustCenter_Universal_CA_III:2.14.99.37.0.1.0.2.20.141.51.21.2.228.108.244.crt removed all abilities * new: TURKTRUST_Certificate_Services_Provider_Root_2007:2.1.1.crt server auth, code signing * changed: TWCA_Root_Certification_Authority:2.1.1.crt OBS-URL: https://build.opensuse.org/package/show/Base:System/ca-certificates-mozilla?expand=0&rev=45
2013-10-29 14:59:48 +01:00
-------------------------------------------------------------------
Mon Aug 19 13:07:07 UTC 2013 - lnussel@suse.de
- update Entrust root attributes to new format used by p11-kit
-------------------------------------------------------------------
Wed Jul 24 15:05:31 UTC 2013 - lnussel@suse.de
- remove superfluous double quotes from certificate names
-------------------------------------------------------------------
Wed Jul 24 14:21:18 UTC 2013 - lnussel@suse.de
- add fake basic contraints to Entrust root so p11-kit export the cert
(bnc#829471)
- add nssckbi.h that matches certdata.txt; make sure package has the
correct version number which is currently 1.93. No actual content
change in certdata.txt compared to 1.85, it's just that the
versioning scheme changed.
-------------------------------------------------------------------
Thu Jun 27 16:03:05 UTC 2013 - lnussel@suse.de
- use certdata2pem.py from Fedora to extract all certs
-------------------------------------------------------------------
Fri Jun 21 12:59:53 UTC 2013 - lnussel@suse.de
- use correct 'anchors' subdirectory
-------------------------------------------------------------------
Wed Jun 19 09:30:00 UTC 2013 - lnussel@suse.de
- new location of CA certificate anchors is
/usr/share/ca-certificates/anchors
-------------------------------------------------------------------
Thu Jan 3 19:16:01 UTC 2013 - idonmez@suse.com
- update certificates to revision 1.87 (bnc#796628)
* new "EE Certification Centre Root CA"
* new "T-TeleSec GlobalRoot Class 3"
* revoke mis-issued intermediate CAs from TURKTRUST
-------------------------------------------------------------------
Wed Oct 10 14:50:00 UTC 2012 - meissner@suse.com
- updated certificates to revision 1.85 (bnc#783509)
* new "Actalis Authentication Root CA"
* new "Trustis FPS Root CA"
* new "StartCom Certification Authority"
* new "StartCom Certification Authority G2"
* new "Buypass Class 2 Root CA"
* new "Buypass Class 3 Root CA"
* updated: "Sonera Class2 CA": remove code-signing
* updated: "thawte Primary Root CA": added code-signing
* updated: "Trustis_FPS_Root_CA.pem": added code-signing
* updated: VeriSign Class 3 Public Primary Certification Authority - G5":
added code-signing, email-protection
-------------------------------------------------------------------
Thu May 3 12:13:20 UTC 2012 - lnussel@suse.de
- update certificates to revision 1.83 (bnc#760503)
* new: EC_ACC.pem
* new: Hellenic_Academic_and_Research_Institutions_RootCA_2011.pem
* new: Security_Communication_RootCA2.pem
* removed: TC_TrustCenter_Germany_Class_2_CA.pem
* removed: TC_TrustCenter_Germany_Class_3_CA.pem
* removed: Verisign_Class_1_Public_Primary_Certification_Authority.1.pem
* removed: Verisign_Class_2_Public_Primary_Certification_Authority.pem
* removed: Verisign_Class_4_Public_Primary_Certification_Authority_G2.pem
- license change to MPL-2.0
-------------------------------------------------------------------
Fri Jan 13 08:52:29 UTC 2012 - cfarrell@suse.com
- license update: MPL-1.1 or GPL-2.0+ or LGPL-2.1+
SPDX format and correct GPL and LGPL tags to include or later
-------------------------------------------------------------------
Thu Jan 12 11:30:31 UTC 2012 - coolo@suse.com
- change license to be in spdx.org format
-------------------------------------------------------------------
Sat Sep 17 21:58:34 UTC 2011 - jengelh@medozas.de
- Remove redundant tags/sections from specfile
-------------------------------------------------------------------
Wed Aug 31 09:02:10 UTC 2011 - lnussel@suse.de
- update certificates to revision 1.76
* new: Go_Daddy_Root_Certificate_Authority_G2.pem
* new: Starfield_Root_Certificate_Authority_G2.pem
* new: Starfield_Services_Root_Certificate_Authority_G2.pem
* new: AffirmTrust_Commercial.pem
* new: AffirmTrust_Networking.pem
* new: AffirmTrust_Premium.pem
* new: AffirmTrust_Premium_ECC.pem
* new: Certum_Trusted_Network_CA.pem
* new: Certinomis_Autorit_Racine.pem
* new: Root_CA_Generalitat_Valenciana.pem
* new: A_Trust_nQual_03.pem
* new: TWCA_Root_Certification_Authority.pem
* removed: DigiNotar_Root_CA.pem (bnc#714931)
-------------------------------------------------------------------
Mon Jan 31 13:43:23 UTC 2011 - lnussel@suse.de
- update certificates to revision 1.70
* new: AddTrust_Qualified_Certificates_Root.pem
* new: Autoridad_de_Certificacion_Firmaprofesional_CIF_A62634068.pem
* new: Chambers_of_Commerce_Root_2008.pem
* new: Global_Chambersign_Root_2008.pem
* new: Izenpe_com.pem
* new: TC_TrustCenter_Universal_CA_III.pem
-------------------------------------------------------------------
Mon Sep 27 14:27:52 UTC 2010 - lnussel@suse.de
- update certificates to revision 1.65
* new: E_Guven_Kok_Elektronik_Sertifika_Hizmet_Saglayicisi.pem
* new: GlobalSign_Root_CA_R3.pem
* new: Microsec_e_Szigno_Root_CA_2009.pem
* new: Verisign_Class_1_Public_Primary_Certification_Authority.1.pem
* new: Verisign_Class_3_Public_Primary_Certification_Authority.1.pem
-------------------------------------------------------------------
Fri May 21 12:30:01 UTC 2010 - lnussel@suse.de
- update certificates to revision 1.64
* removed "RSA Security 1024 V3" certificate
-------------------------------------------------------------------
Thu Apr 8 09:24:37 UTC 2010 - lnussel@suse.de
- require ca-certificates also for postun
-------------------------------------------------------------------
Thu Apr 1 12:14:11 UTC 2010 - lnussel@suse.de
- don't output trusted certs by default as it's not supported by
gnutls yet and pidgin scans /etc/ssl/certs
-------------------------------------------------------------------
Thu Apr 1 11:39:01 UTC 2010 - lnussel@suse.de
- update certificates to revision 1.62
-------------------------------------------------------------------
Fri Mar 26 15:27:34 UTC 2010 - lnussel@suse.de
- extract trustbits as comment as Fedora does
- convert to trusted certificates in spec file instead
-------------------------------------------------------------------
Thu Mar 25 08:16:56 UTC 2010 - lnussel@suse.de
- rename to ca-certificates-mozilla
- output trusted certificates
- use utf8 in file names
-------------------------------------------------------------------
Tue Feb 2 16:27:35 UTC 2010 - lnussel@suse.de
- update certificates to revision 1.57
- add script to compare with previous certificates
-------------------------------------------------------------------
Wed Sep 30 13:17:45 UTC 2009 - lnussel@suse.de
- update certifiates to cvs revision 1.56
- exclude certficates that are not trusted for identifying web sites
-------------------------------------------------------------------
Tue Dec 2 11:29:03 CET 2008 - cfarrell@suse.de
- Add openssl-certs.COPYING to fix bnc#441356
-------------------------------------------------------------------
Thu Oct 9 17:49:57 CEST 2008 - lnussel@suse.de
- use certificates from MozillaFirefox
-------------------------------------------------------------------
Wed Jul 9 15:15:38 CEST 2008 - mkoenig@suse.de
- split out the CA root certificates from the openssl certs
subpackage into a package of its own.