20121114 (patches unapplied)

Imported using git-ubuntu import.
[ Don Armstrong ] * Breaks ca-certificates-java (<<20121112+nmu1); partially fixing #537051. * Provide update-ca-certificates and update-ca-certificates-fresh triggers. * Call the triggers using no-await so that the configuration files from the newer version of ca-certificates-java are in places before the upgrade. Closes: #537051. [ Michael Shuler ] * Add note to previous mozilla/certdata.txt changelog entry to document CKT_NSS_MUST_VERIFY_TRUST changes.
2025-08-05 16:59:04 +00:00 · 2012-11-14 23:58:59 -06:00 · 2012-11-14 23:58:59 -06:00 · 9625595db7 · 2020-07-14 23:27:18 +00:00
commit 9625595db7
parent 6c0d765d7f
5 changed files with 48 additions and 3 deletions
--- a/debian/ca-certificates.triggers
+++ b/debian/ca-certificates.triggers
@ -0,0 +1,4 @@
 interest-noawait update-ca-certificates
 interest-noawait update-ca-certificates-fresh
 interest update-ca-certificates
 interest update-ca-certificates-fresh
--- a/debian/changelog
+++ b/debian/changelog
@ -1,6 +1,28 @@
 ca-certificates (20121114) unstable; urgency=low
  [ Don Armstrong ]
  * Breaks ca-certificates-java (<<20121112+nmu1); partially fixing #537051.
  * Provide update-ca-certificates and update-ca-certificates-fresh
    triggers.
  * Call the triggers using no-await so that the configuration files from
    the newer version of ca-certificates-java are in places before the
    upgrade. Closes: #537051.
  [ Michael Shuler ]
  * Add note to previous mozilla/certdata.txt changelog entry to document
    CKT_NSS_MUST_VERIFY_TRUST changes.
 -- Michael Shuler <michael@pbandjelly.org>  Wed, 14 Nov 2012 23:58:59 -0600
 ca-certificates (20121105) unstable; urgency=low
  * Update mozilla/certdata.txt to version 1.86  Closes: #683728
    - Replace legacy "no explicit trust" flag of CKT_NSS_TRUST_UNKNOWN for
      CKT_NSS_MUST_VERIFY_TRUST, instead of a mix of both flags:
      https://bugzilla.mozilla.org/show_bug.cgi?id=757189
      This upstream fix does not change the CA certificates installed in
      ca-certificates as both flags are ignored. Only those CA certificates
      with the CKT_NSS_TRUSTED_DELEGATOR flag in certdata.txt are installed.
    Certificates added (+) (none removed):
    + "Actalis Authentication Root CA"
    + "Trustis FPS Root CA"
--- a/debian/config
+++ b/debian/config
@ -5,7 +5,7 @@ set -e
 action="$1"
 cur_version="$2"
-this_version='20121105'
+this_version='20121114'
 pt_BR_fixed_version="20080616"
 if test -f /etc/ca-certificates.conf; then
--- a/debian/control
+++ b/debian/control
@ -13,9 +13,11 @@ Vcs-Browser: http://git.debian.org/?p=collab-maint/ca-certificates.git
 Package: ca-certificates
 Architecture: all
 Pre-Depends: dpkg (>= 1.16.1)
 Depends: openssl (>= 1.0.0), ${misc:Depends}
 Enhances: openssl
 Multi-Arch: foreign
 Breaks: ca-certificates-java (<<20121112+nmu1)
 Description: Common CA certificates
 This package includes PEM files of CA certificates to allow SSL-based
 applications to check for the authenticity of SSL connections.
--- a/debian/postinst
+++ b/debian/postinst
@ -142,12 +142,29 @@ EOF
 	# fix bogus symlink to ca-certificates.crt on upgrades; see
 	# Debian #643667; drop after wheezy
 	if dpkg --compare-versions "$2" lt-nl 20111025; then
-	    update-ca-certificates --fresh
+	    dpkg-trigger --no-await update-ca-certificates-fresh
 	else
-	    update-ca-certificates
+	    dpkg-trigger --no-await update-ca-certificates
 	fi
    ;;
    triggered)
 	for trigger in $2; do
 	    case "$trigger" in
 		update-ca-certificates)
 		    update-ca-certificates
 		    ;;
 		update-ca-certificates-fresh)
 		    update-ca-certificates --fresh
 		    ;;
 		*)
 		    echo "postinst called with unknown trigger \`$2'">&2
 		    exit 1
 		    ;;
 	    esac;
 	done;
 	;;
    abort-upgrade|abort-remove|abort-deconfigure)
    ;;