diff options
author | Michael Shuler <michael@pbandjelly.org> | 2020-06-01 13:53:02 -0500 |
---|---|---|
committer | Michael Shuler <michael@pbandjelly.org> | 2020-06-01 13:53:02 -0500 |
commit | 1efe81a680eedb94111716c8825290a0cde509af (patch) | |
tree | fb644644179199d33f59903a9cea1b9eeb8f7b46 | |
parent | 983ad2cf8efe182a949da8a497be106d437abdc7 (diff) | |
download | ca-certificates-1efe81a680eedb94111716c8825290a0cde509af.tar.gz |
Set release 20200601; add Symantec CAs to blacklist
-rw-r--r-- | debian/changelog | 20 | ||||
-rw-r--r-- | mozilla/blacklist.txt | 22 |
2 files changed, 39 insertions, 3 deletions
diff --git a/debian/changelog b/debian/changelog index e6647ed..03b3bba 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,7 +1,10 @@ -ca-certificates (20200118) UNRELEASED; urgency=medium +ca-certificates (20200601) unstable; urgency=medium * mozilla/{certdata.txt,nssckbi.h}: Update Mozilla certificate authority bundle to version 2.40. + Closes: #956411, #955038 + * Add distrusted Symantec CA list to blacklist for explicit removal. + Closes: #911289 The following certificate authorities were added (+): + "Certigna Root CA" + "emSign ECC Root CA - C3" @@ -20,8 +23,19 @@ ca-certificates (20200118) UNRELEASED; urgency=medium - "Certinomis - Root CA" - "Certplus Class 2 Primary CA" - "Deutsche Telekom Root CA 2" - - -- Michael Shuler <michael@pbandjelly.org> Sat, 18 Jan 2020 09:38:06 -0600 + - "GeoTrust Global CA" + - "GeoTrust Primary Certification Authority" + - "GeoTrust Primary Certification Authority - G2" + - "GeoTrust Primary Certification Authority - G3" + - "GeoTrust Universal CA" + - "thawte Primary Root CA" + - "thawte Primary Root CA - G2" + - "thawte Primary Root CA - G3" + - "VeriSign Class 3 Public Primary Certification Authority - G4" + - "VeriSign Class 3 Public Primary Certification Authority - G5" + - "VeriSign Universal Root Certification Authority" + + -- Michael Shuler <michael@pbandjelly.org> Mon, 01 Jun 2020 11:45:49 -0500 ca-certificates (20190110) unstable; urgency=high diff --git a/mozilla/blacklist.txt b/mozilla/blacklist.txt index 37f515c..8914d97 100644 --- a/mozilla/blacklist.txt +++ b/mozilla/blacklist.txt @@ -11,3 +11,25 @@ "TURKTRUST Mis-issued Intermediate CA 1" "TURKTRUST Mis-issued Intermediate CA 2" +# Distrusted Symantec Root CAs: +"GeoTrust Global CA" +"GeoTrust Primary Certification Authority" +"GeoTrust Primary Certification Authority - G2" +"GeoTrust Primary Certification Authority - G3" +"GeoTrust Universal CA" +"Thawte Premium Server CA" +"thawte Primary Root CA" +"thawte Primary Root CA - G2" +"thawte Primary Root CA - G3" +"Symantec Class 1 Public Primary Certification Authority - G4" +"Symantec Class 1 Public Primary Certification Authority - G6" +"Symantec Class 2 Public Primary Certification Authority - G4" +"Symantec Class 2 Public Primary Certification Authority - G6" +"Symantec Class 3 Public Primary Certification Authority - G4" +"Symantec Class 3 Public Primary Certification Authority - G6" +"VeriSign Class 1 Public Primary Certification Authority - G3" +"VeriSign Class 2 Public Primary Certification Authority - G3" +"VeriSign Class 3 Public Primary Certification Authority - G3" +"VeriSign Class 3 Public Primary Certification Authority - G4" +"VeriSign Class 3 Public Primary Certification Authority - G5" +"VeriSign Universal Root Certification Authority" |