Univention Bugzilla – Bug 37885
Update ca-certificates bundle
Last modified: 2016-09-21 18:10:14 CEST
The ca-certificates bundle shipped with UCS 4.0 is already a bit dated (20130119), maybe we should import and ship the newer version from jessie (20141019 as of now, ubuntu picked that too).
$ repo_admin.py -U -p ca-certificates -d sid -r 4.0-0-0 -s errata4.0-1 ca-certificates 20141019 Package: ca-certificates Version: 20141019.13.201503131231 Branch: ucs_4.0-0 Scope: errata4.0-1 r58949 | Bug #37885 CA: Update SSL certificate bundle YAML 2015-03-13-ca-certificates.yaml See <http://metadata.ftp-master.debian.org/changelogs//main/c/ca-certificates/ca-certificates_20141019_changelog> for a complete list of updates certificates.
As discussed; this update removes the cacert.org certificate (Debian #718434), which we shouldn't remove in an erratum.
r14514 | Re-added cacert.org Package: ca-certificates Version: 20141019.14.201503231550 Branch: ucs_4.0-0 Scope: errata4.0-1 r59327 | Bug #37885 CA: Update SSL certificate bundle YAML 2015-03-13-ca-certificates.yaml QA: wget -O/dev/null --ca-certificate /etc/ssl/certs/ca-certificates.crt https://www.cacert.org/ wget -O/dev/null --ca-certificate /usr/share/ca-certificates/cacert.org/cacert.org.crt https://www.cacert.org/
Looks good, all tests passed. YAML file ok.
<http://errata.univention.de/ucs/4.0/121.html>