pkgsrc-Changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
CVS commit: pkgsrc/security/ca-certificates
Module Name: pkgsrc
Committed By: kim
Date: Sun May 21 16:33:50 UTC 2023
Modified Files:
pkgsrc/security/ca-certificates: Makefile PLIST distinfo
pkgsrc/security/ca-certificates/patches:
patch-sbin_update-ca-certificates
Removed Files:
pkgsrc/security/ca-certificates/patches: patch-mozilla_certdata2pem.py
Log Message:
ca-certificates: Update to 20230311
ca-certificates (20230311) unstable; urgency=medium
[ Đoàn Trần Công Danh ]
* ca-certificates: compat with non-GNU mktemp (closes: #1000847)
[ Ilya Lipnitskiy ]
* certdata2pem.py: use UTC time when checking cert validity
[ Julien Cristau ]
* Update Mozilla certificate authority bundle to version 2.60
The following certificate authorities were added (+):
+ "Autoridad de Certificacion Firmaprofesional CIF A62634068"
+ "Certainly Root E1"
+ "Certainly Root R1"
+ "D-TRUST BR Root CA 1 2020"
+ "D-TRUST EV Root CA 1 2020"
+ "DigiCert TLS ECC P384 Root G5"
+ "DigiCert TLS RSA4096 Root G5"
+ "E-Tugra Global Root CA ECC v3"
+ "E-Tugra Global Root CA RSA v3"
+ "HARICA TLS ECC Root CA 2021"
+ "HARICA TLS RSA Root CA 2021"
+ "HiPKI Root CA - G1"
+ "ISRG Root X2"
+ "Security Communication ECC RootCA1"
+ "Security Communication RootCA3"
+ "Telia Root CA v2"
+ "TunTrust Root CA"
+ "vTrus ECC Root CA"
+ "vTrus Root CA"
The following certificate authorities were removed (-):
- "Cybertrust Global Root" (expired)
- "EC-ACC"
- "GlobalSign Root CA - R2" (expired)
- "Hellenic Academic and Research Institutions RootCA 2011"
- "Network Solutions Certificate Authority"
- "Staat der Nederlanden EV Root CA" (expired)
* Drop trailing space from debconf template causing misformatting
(closes: #980821)
[ Wataru Ashihara ]
* Make certdata2pem.py compatible with cryptography >= 35 (closes: #1008244)
-- Julien Cristau <jcristau%debian.org@localhost> Sat, 11 Mar 2023 09:47:05 +0100
To generate a diff of this commit:
cvs rdiff -u -r1.10 -r1.11 pkgsrc/security/ca-certificates/Makefile
cvs rdiff -u -r1.5 -r1.6 pkgsrc/security/ca-certificates/PLIST
cvs rdiff -u -r1.8 -r1.9 pkgsrc/security/ca-certificates/distinfo
cvs rdiff -u -r1.1 -r0 \
pkgsrc/security/ca-certificates/patches/patch-mozilla_certdata2pem.py
cvs rdiff -u -r1.2 -r1.3 \
pkgsrc/security/ca-certificates/patches/patch-sbin_update-ca-certificates
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: pkgsrc/security/ca-certificates/Makefile
diff -u pkgsrc/security/ca-certificates/Makefile:1.10 pkgsrc/security/ca-certificates/Makefile:1.11
--- pkgsrc/security/ca-certificates/Makefile:1.10 Wed Oct 19 13:56:32 2022
+++ pkgsrc/security/ca-certificates/Makefile Sun May 21 16:33:50 2023
@@ -1,7 +1,6 @@
-# $NetBSD: Makefile,v 1.10 2022/10/19 13:56:32 nia Exp $
+# $NetBSD: Makefile,v 1.11 2023/05/21 16:33:50 kim Exp $
-PKGNAME= ca-certificates-20211016
-PKGREVISION= 4
+PKGNAME= ca-certificates-20230311
DISTNAME= ${PKGNAME_NOREV:C/-([^-]*)$/_\1/}
CATEGORIES= security
MASTER_SITES= http://deb.debian.org/debian/pool/main/c/ca-certificates/
@@ -18,7 +17,7 @@ PYTHON_VERSIONS_INCOMPATIBLE= 27
USE_TOOLS= echo:run find:run ln:run openssl:run rm:run sed:run sort:run wc:run
-WRKSRC= ${WRKDIR}/${PKGNAME_NOREV}
+WRKSRC= ${WRKDIR}/${PKGBASE}
DATADIR= ${PREFIX}/share/${PKGBASE}
DOCDIR= ${PREFIX}/share/doc/${PKGBASE}
EGDIR= ${PREFIX}/share/examples/${PKGBASE}
@@ -61,14 +60,11 @@ CONF_FILES= ${EGDIR}/ca-certificates.co
${PKG_SYSCONFDIR}/ca-certificates-dir.conf
pre-build:
- @${CP} ${FILESDIR}/ca-certificates.conf ${FILESDIR}/ca-certificates-dir.conf \
+ ${CP} ${FILESDIR}/ca-certificates.conf ${FILESDIR}/ca-certificates-dir.conf \
${FILESDIR}/README.pkgsrc ${WRKSRC}/
- @${GREP} '^share/ca-certificates/' ${FILESDIR}/../PLIST \
+ ${GREP} '^share/ca-certificates/' ${FILESDIR}/../PLIST \
>> ${WRKSRC}/ca-certificates.conf
-post-extract:
- ${MV} ${WRKDIR}/work ${WRKSRC}
-
post-install:
${INSTALL_MAN} \
${WRKSRC}/sbin/update-ca-certificates.8 \
Index: pkgsrc/security/ca-certificates/PLIST
diff -u pkgsrc/security/ca-certificates/PLIST:1.5 pkgsrc/security/ca-certificates/PLIST:1.6
--- pkgsrc/security/ca-certificates/PLIST:1.5 Sun Jun 12 07:05:30 2022
+++ pkgsrc/security/ca-certificates/PLIST Sun May 21 16:33:50 2023
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.5 2022/06/12 07:05:30 kim Exp $
+@comment $NetBSD: PLIST,v 1.6 2023/05/21 16:33:50 kim Exp $
man/man8/update-ca-certificates.8
sbin/update-ca-certificates
share/ca-certificates/mozilla/ACCVRAIZ1.crt
@@ -16,6 +16,7 @@ share/ca-certificates/mozilla/Amazon_Roo
share/ca-certificates/mozilla/Amazon_Root_CA_4.crt
share/ca-certificates/mozilla/Atos_TrustedRoot_2011.crt
share/ca-certificates/mozilla/Autoridad_de_Certificacion_Firmaprofesional_CIF_A62634068.crt
+share/ca-certificates/mozilla/Autoridad_de_Certificacion_Firmaprofesional_CIF_A62634068_2.crt
share/ca-certificates/mozilla/Baltimore_CyberTrust_Root.crt
share/ca-certificates/mozilla/Buypass_Class_2_Root_CA.crt
share/ca-certificates/mozilla/Buypass_Class_3_Root_CA.crt
@@ -24,6 +25,8 @@ share/ca-certificates/mozilla/CFCA_EV_RO
share/ca-certificates/mozilla/COMODO_Certification_Authority.crt
share/ca-certificates/mozilla/COMODO_ECC_Certification_Authority.crt
share/ca-certificates/mozilla/COMODO_RSA_Certification_Authority.crt
+share/ca-certificates/mozilla/Certainly_Root_E1.crt
+share/ca-certificates/mozilla/Certainly_Root_R1.crt
share/ca-certificates/mozilla/Certigna.crt
share/ca-certificates/mozilla/Certigna_Root_CA.crt
share/ca-certificates/mozilla/Certum_EC-384_CA.crt
@@ -31,7 +34,8 @@ share/ca-certificates/mozilla/Certum_Tru
share/ca-certificates/mozilla/Certum_Trusted_Network_CA_2.crt
share/ca-certificates/mozilla/Certum_Trusted_Root_CA.crt
share/ca-certificates/mozilla/Comodo_AAA_Services_root.crt
-share/ca-certificates/mozilla/Cybertrust_Global_Root.crt
+share/ca-certificates/mozilla/D-TRUST_BR_Root_CA_1_2020.crt
+share/ca-certificates/mozilla/D-TRUST_EV_Root_CA_1_2020.crt
share/ca-certificates/mozilla/D-TRUST_Root_Class_3_CA_2_2009.crt
share/ca-certificates/mozilla/D-TRUST_Root_Class_3_CA_2_EV_2009.crt
share/ca-certificates/mozilla/DigiCert_Assured_ID_Root_CA.crt
@@ -41,9 +45,12 @@ share/ca-certificates/mozilla/DigiCert_G
share/ca-certificates/mozilla/DigiCert_Global_Root_G2.crt
share/ca-certificates/mozilla/DigiCert_Global_Root_G3.crt
share/ca-certificates/mozilla/DigiCert_High_Assurance_EV_Root_CA.crt
+share/ca-certificates/mozilla/DigiCert_TLS_ECC_P384_Root_G5.crt
+share/ca-certificates/mozilla/DigiCert_TLS_RSA4096_Root_G5.crt
share/ca-certificates/mozilla/DigiCert_Trusted_Root_G4.crt
share/ca-certificates/mozilla/E-Tugra_Certification_Authority.crt
-share/ca-certificates/mozilla/EC-ACC.crt
+share/ca-certificates/mozilla/E-Tugra_Global_Root_CA_ECC_v3.crt
+share/ca-certificates/mozilla/E-Tugra_Global_Root_CA_RSA_v3.crt
share/ca-certificates/mozilla/Entrust.net_Premium_2048_Secure_Server_CA.crt
share/ca-certificates/mozilla/Entrust_Root_Certification_Authority.crt
share/ca-certificates/mozilla/Entrust_Root_Certification_Authority_-_EC1.crt
@@ -58,19 +65,21 @@ share/ca-certificates/mozilla/GTS_Root_R
share/ca-certificates/mozilla/GlobalSign_ECC_Root_CA_-_R4.crt
share/ca-certificates/mozilla/GlobalSign_ECC_Root_CA_-_R5.crt
share/ca-certificates/mozilla/GlobalSign_Root_CA.crt
-share/ca-certificates/mozilla/GlobalSign_Root_CA_-_R2.crt
share/ca-certificates/mozilla/GlobalSign_Root_CA_-_R3.crt
share/ca-certificates/mozilla/GlobalSign_Root_CA_-_R6.crt
share/ca-certificates/mozilla/GlobalSign_Root_E46.crt
share/ca-certificates/mozilla/GlobalSign_Root_R46.crt
share/ca-certificates/mozilla/Go_Daddy_Class_2_CA.crt
share/ca-certificates/mozilla/Go_Daddy_Root_Certificate_Authority_-_G2.crt
+share/ca-certificates/mozilla/HARICA_TLS_ECC_Root_CA_2021.crt
+share/ca-certificates/mozilla/HARICA_TLS_RSA_Root_CA_2021.crt
share/ca-certificates/mozilla/Hellenic_Academic_and_Research_Institutions_ECC_RootCA_2015.crt
-share/ca-certificates/mozilla/Hellenic_Academic_and_Research_Institutions_RootCA_2011.crt
share/ca-certificates/mozilla/Hellenic_Academic_and_Research_Institutions_RootCA_2015.crt
+share/ca-certificates/mozilla/HiPKI_Root_CA_-_G1.crt
share/ca-certificates/mozilla/Hongkong_Post_Root_CA_1.crt
share/ca-certificates/mozilla/Hongkong_Post_Root_CA_3.crt
share/ca-certificates/mozilla/ISRG_Root_X1.crt
+share/ca-certificates/mozilla/ISRG_Root_X2.crt
share/ca-certificates/mozilla/IdenTrust_Commercial_Root_CA_1.crt
share/ca-certificates/mozilla/IdenTrust_Public_Sector_Root_CA_1.crt
share/ca-certificates/mozilla/Izenpe.com.crt
@@ -79,7 +88,6 @@ share/ca-certificates/mozilla/Microsoft_
share/ca-certificates/mozilla/Microsoft_RSA_Root_Certificate_Authority_2017.crt
share/ca-certificates/mozilla/NAVER_Global_Root_Certification_Authority.crt
share/ca-certificates/mozilla/NetLock_Arany_=Class_Gold=_Főtanúsítvány.crt
-share/ca-certificates/mozilla/Network_Solutions_Certificate_Authority.crt
share/ca-certificates/mozilla/OISTE_WISeKey_Global_Root_GB_CA.crt
share/ca-certificates/mozilla/OISTE_WISeKey_Global_Root_GC_CA.crt
share/ca-certificates/mozilla/QuoVadis_Root_CA_1_G3.crt
@@ -95,9 +103,10 @@ share/ca-certificates/mozilla/SZAFIR_ROO
share/ca-certificates/mozilla/SecureSign_RootCA11.crt
share/ca-certificates/mozilla/SecureTrust_CA.crt
share/ca-certificates/mozilla/Secure_Global_CA.crt
+share/ca-certificates/mozilla/Security_Communication_ECC_RootCA1.crt
share/ca-certificates/mozilla/Security_Communication_RootCA2.crt
+share/ca-certificates/mozilla/Security_Communication_RootCA3.crt
share/ca-certificates/mozilla/Security_Communication_Root_CA.crt
-share/ca-certificates/mozilla/Staat_der_Nederlanden_EV_Root_CA.crt
share/ca-certificates/mozilla/Starfield_Class_2_CA.crt
share/ca-certificates/mozilla/Starfield_Root_Certificate_Authority_-_G2.crt
share/ca-certificates/mozilla/Starfield_Services_Root_Certificate_Authority_-_G2.crt
@@ -109,12 +118,14 @@ share/ca-certificates/mozilla/TUBITAK_Ka
share/ca-certificates/mozilla/TWCA_Global_Root_CA.crt
share/ca-certificates/mozilla/TWCA_Root_Certification_Authority.crt
share/ca-certificates/mozilla/TeliaSonera_Root_CA_v1.crt
+share/ca-certificates/mozilla/Telia_Root_CA_v2.crt
share/ca-certificates/mozilla/TrustCor_ECA-1.crt
share/ca-certificates/mozilla/TrustCor_RootCert_CA-1.crt
share/ca-certificates/mozilla/TrustCor_RootCert_CA-2.crt
share/ca-certificates/mozilla/Trustwave_Global_Certification_Authority.crt
share/ca-certificates/mozilla/Trustwave_Global_ECC_P256_Certification_Authority.crt
share/ca-certificates/mozilla/Trustwave_Global_ECC_P384_Certification_Authority.crt
+share/ca-certificates/mozilla/TunTrust_Root_CA.crt
share/ca-certificates/mozilla/UCA_Extended_Validation_Root.crt
share/ca-certificates/mozilla/UCA_Global_G2_Root.crt
share/ca-certificates/mozilla/USERTrust_ECC_Certification_Authority.crt
@@ -128,8 +139,10 @@ share/ca-certificates/mozilla/emSign_ECC
share/ca-certificates/mozilla/emSign_ECC_Root_CA_-_G3.crt
share/ca-certificates/mozilla/emSign_Root_CA_-_C1.crt
share/ca-certificates/mozilla/emSign_Root_CA_-_G1.crt
+share/ca-certificates/mozilla/vTrus_ECC_Root_CA.crt
+share/ca-certificates/mozilla/vTrus_Root_CA.crt
share/doc/ca-certificates/README.pkgsrc
share/doc/ca-certificates/README.source
share/doc/ca-certificates/changelog
-share/examples/ca-certificates/ca-certificates.conf
share/examples/ca-certificates/ca-certificates-dir.conf
+share/examples/ca-certificates/ca-certificates.conf
Index: pkgsrc/security/ca-certificates/distinfo
diff -u pkgsrc/security/ca-certificates/distinfo:1.8 pkgsrc/security/ca-certificates/distinfo:1.9
--- pkgsrc/security/ca-certificates/distinfo:1.8 Sun Jul 17 02:58:32 2022
+++ pkgsrc/security/ca-certificates/distinfo Sun May 21 16:33:50 2023
@@ -1,7 +1,6 @@
-$NetBSD: distinfo,v 1.8 2022/07/17 02:58:32 tnn Exp $
+$NetBSD: distinfo,v 1.9 2023/05/21 16:33:50 kim Exp $
-BLAKE2s (ca-certificates_20211016.tar.xz) = ee1b82472068aef176dbc9dab2099848e299dbcc92ac309ba5a906a98414731d
-SHA512 (ca-certificates_20211016.tar.xz) = bedf072c8aa1b05b249ea272f5cecfe16bdcd762c02c712323f12ac7a278e8814453f5f3caad86a2581e451788b292ed3a76a6a81620926459bb890133cffde1
-Size (ca-certificates_20211016.tar.xz) = 239608 bytes
-SHA1 (patch-mozilla_certdata2pem.py) = e0752892bf93113bb4a6414f1bef98261a5b832a
-SHA1 (patch-sbin_update-ca-certificates) = e57e4c0ec2be335f6d901c865a7b0a33405fd7f2
+BLAKE2s (ca-certificates_20230311.tar.xz) = 41fb59d81073ce3a758c2fd38f4af420d54b32d367a616198d98a1cad1ec7549
+SHA512 (ca-certificates_20230311.tar.xz) = 00571bdc87897813fd7dbe024f3a186cfc9f0d4f55e92545a90888c9e5282f99cb8d75b5932c034731b911bf27a9b38fd7d062dd511eb1152acf8b2811490fa7
+Size (ca-certificates_20230311.tar.xz) = 257772 bytes
+SHA1 (patch-sbin_update-ca-certificates) = 036c25d5e048451917685e62dfddb81004453146
Index: pkgsrc/security/ca-certificates/patches/patch-sbin_update-ca-certificates
diff -u pkgsrc/security/ca-certificates/patches/patch-sbin_update-ca-certificates:1.2 pkgsrc/security/ca-certificates/patches/patch-sbin_update-ca-certificates:1.3
--- pkgsrc/security/ca-certificates/patches/patch-sbin_update-ca-certificates:1.2 Sun Jun 12 07:05:30 2022
+++ pkgsrc/security/ca-certificates/patches/patch-sbin_update-ca-certificates Sun May 21 16:33:50 2023
@@ -1,7 +1,10 @@
-$NetBSD: patch-sbin_update-ca-certificates,v 1.2 2022/06/12 07:05:30 kim Exp $
+$NetBSD: patch-sbin_update-ca-certificates,v 1.3 2023/05/21 16:33:50 kim Exp $
---- sbin/update-ca-certificates.orig 2021-10-16 16:09:43.000000000 +0000
-+++ sbin/update-ca-certificates 2022-06-12 16:09:43.000000000 +0000
+Add a configuration file for enabling CA certificate management in
+a system directory (such as /etc/openssl on NetBSD).
+
+--- sbin/update-ca-certificates.orig 2021-12-15 18:51:05.000000000 +0000
++++ sbin/update-ca-certificates 2023-05-21 15:58:00.334161148 +0000
@@ -28,9 +28,23 @@
CERTSDIR=/usr/share/ca-certificates
LOCALCERTSDIR=/usr/local/share/ca-certificates
@@ -46,7 +49,7 @@ $NetBSD: patch-sbin_update-ca-certificat
+ cat <<-EOF
+ Please set ETCCERTSDIR to an absolute path in
+ $ETCCERTSDIRCONF
-+ and then run it again.
++ and then run update-ca-certificates again.
+ EOF
+ exit 1
+ ;;
@@ -55,14 +58,3 @@ $NetBSD: patch-sbin_update-ca-certificat
if [ ! -s "$CERTSCONF" ]
then
fresh=1
-@@ -81,8 +116,8 @@
- # Helper files. (Some of them are not simple arrays because we spawn
- # subshells later on.)
- TEMPBUNDLE="${ETCCERTSDIR}/${CERTBUNDLE}.new"
--ADDED="$(mktemp --tmpdir "ca-certificates.tmp.XXXXXX")"
--REMOVED="$(mktemp --tmpdir "ca-certificates.tmp.XXXXXX")"
-+ADDED="$(mktemp -t "ca-certificates.tmp.XXXXXX")"
-+REMOVED="$(mktemp -t "ca-certificates.tmp.XXXXXX")"
-
- # Adds a certificate to the list of trusted ones. This includes a symlink
- # in /etc/ssl/certs to the certificate file and its inclusion into the
Home |
Main Index |
Thread Index |
Old Index