Changelog
ca-certificates (20090624) unstable; urgency=low
* Allow local certificate installation. All certificates found
in `/usr/local/share/ca-certificates' will be automatically added
to the list of trusted certificates in `/etc/ssl/certs'.
(Closes: #352637, #419491, #473677, #476663, #511150)
* Updated Mozilla certificates from nss 3.12.3-1 (certdata.txt revision
1.51):
+ COMODO ECC Certification Authority
+ DigiNotar Root CA
+ Network Solutions Certificate Authority
+ WellsSecure Public Root Certificate Authority
- Equifax Secure Global eBusiness CA
- UTN USERFirst Object Root CA
* Reimplemented the Mozilla certdata parser mainly to exclude explicitly
untrusted certificates. This led to the exclusion of the
"MD5 Collisions Forged Rogue CA 23c3" and its parent
"Equifax Secure Global eBusiness CA". Furthermore code signing-only
certificates are no longer included neither.
* Remove the purging of old PEM files in postinst dating back to
versions earlier than 20030414.
* Hooks are now called at every invocation of `update-ca-certificates'.
If no changes were done to `/etc/ssl/certs', the input for the
hooks will be empty, though. Failure exit codes of hooks will not
tear down the upgrade process anymore. They are printed but ignored.
-- Ubuntu Archive Auto-Sync <email address hidden> Thu, 25 Jun 2009 07:43:41 +0100