Bug#510034: marked as done (ca-certificates leaves many dangling symlinks in /etc/ssl/certs)

[Debian Bug Tracking System]

Your message dated Wed, 08 Jul 2009 21:32:12 +0000
with message-id <e1moeko-0004gc...@ries.debian.org>
and subject line Bug#475240: fixed in ca-certificates 20090708
has caused the Debian Bug report #475240,
regarding ca-certificates leaves many dangling symlinks in /etc/ssl/certs
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
475240: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=475240
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

--- Begin Message ---

Package: ca-certificates
Version: 20080809
Severity: normal

ca-certificates leaves many dangling symlinks in /etc/ssl/certs.
For instance:

ay% ls -l /etc/ssl/certs/B*
lrwxrwxrwx 1 root root 77 2003-04-27 02:02:38 
/etc/ssl/certs/Baltimore_CyberTrust_Code_Signing_Root.pem -> 
/usr/share/ca-certificates/mozilla/Baltimore_CyberTrust_Code_Signing_Root.crt
lrwxrwxrwx 1 root root 80 2003-04-27 02:02:38 
/etc/ssl/certs/Baltimore_CyberTrust_Mobile_Commerce_Root.pem -> 
/usr/share/ca-certificates/mozilla/Baltimore_CyberTrust_Mobile_Commerce_Root.crt
lrwxrwxrwx 1 root root 64 2008-12-28 21:48:06 
/etc/ssl/certs/Baltimore_CyberTrust_Root.pem -> 
/usr/share/ca-certificates/mozilla/Baltimore_CyberTrust_Root.crt
ay% ls -lL /etc/ssl/certs/B*
ls: cannot access /etc/ssl/certs/Baltimore_CyberTrust_Code_Signing_Root.pem: No 
such file or directory
ls: cannot access /etc/ssl/certs/Baltimore_CyberTrust_Mobile_Commerce_Root.pem: 
No such file or directory
-rw-r--r-- 1 root root 1262 2008-08-09 22:57:27 
/etc/ssl/certs/Baltimore_CyberTrust_Root.pem

Note: I've just done a "dpkg-reconfigure ca-certificates".

-- System Information:
Debian Release: 5.0
  APT prefers testing
  APT policy: (900, 'testing'), (900, 'stable'), (200, 'unstable')
Architecture: powerpc (ppc)

Kernel: Linux 2.6.26-1-powerpc
Locale: LANG=POSIX, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages ca-certificates depends on:
ii  debconf [debconf-2.0]         1.5.24     Debian configuration management sy
ii  openssl                       0.9.8g-14  Secure Socket Layer (SSL) binary a

ca-certificates recommends no packages.

ca-certificates suggests no packages.

-- debconf information:
* ca-certificates/enable_crts: brasil.gov.br/brasil.gov.br.crt, 
cacert.org/cacert.org.crt, cacert.org/class3.crt, cacert.org/root.crt, 
debconf.org/ca.crt, gouv.fr/cert_igca_dsa.crt, gouv.fr/cert_igca_rsa.crt, 
mozilla/ABAecom_=sub.__Am._Bankers_Assn.=_Root_CA.crt, 
mozilla/AOL_Time_Warner_Root_Certification_Authority_1.crt, 
mozilla/AOL_Time_Warner_Root_Certification_Authority_2.crt, 
mozilla/AddTrust_External_Root.crt, 
mozilla/AddTrust_Low-Value_Services_Root.crt, 
mozilla/AddTrust_Public_Services_Root.crt, 
mozilla/AddTrust_Qualified_Certificates_Root.crt, 
mozilla/America_Online_Root_Certification_Authority_1.crt, 
mozilla/America_Online_Root_Certification_Authority_2.crt, 
mozilla/Baltimore_CyberTrust_Root.crt, 
mozilla/COMODO_Certification_Authority.crt, 
mozilla/Camerfirma_Chambers_of_Commerce_Root.crt, 
mozilla/Camerfirma_Global_Chambersign_Root.crt, 
mozilla/Certplus_Class_2_Primary_CA.crt, mozilla/Certum_Root_CA.crt, 
mozilla/Comodo_AAA_Services_root.crt, mozilla/Comodo_Secure_Services_root.crt, 
mozilla/Comodo_Trusted_Services_root.crt, mozilla/DST_ACES_CA_X6.crt, 
mozilla/DST_Root_CA_X3.crt, mozilla/DigiCert_Assured_ID_Root_CA.crt, 
mozilla/DigiCert_Global_Root_CA.crt, 
mozilla/DigiCert_High_Assurance_EV_Root_CA.crt, 
mozilla/Digital_Signature_Trust_Co._Global_CA_1.crt, 
mozilla/Digital_Signature_Trust_Co._Global_CA_2.crt, 
mozilla/Digital_Signature_Trust_Co._Global_CA_3.crt, 
mozilla/Digital_Signature_Trust_Co._Global_CA_4.crt, 
mozilla/Entrust.net_Global_Secure_Personal_CA.crt, 
mozilla/Entrust.net_Global_Secure_Server_CA.crt, 
mozilla/Entrust.net_Premium_2048_Secure_Server_CA.crt, 
mozilla/Entrust.net_Secure_Personal_CA.crt, 
mozilla/Entrust.net_Secure_Server_CA.crt, 
mozilla/Entrust_Root_Certification_Authority.crt, 
mozilla/Equifax_Secure_CA.crt, mozilla/Equifax_Secure_Global_eBusiness_CA.crt, 
mozilla/Equifax_Secure_eBusiness_CA_1.crt, 
mozilla/Equifax_Secure_eBusiness_CA_2.crt, 
mozilla/Firmaprofesional_Root_CA.crt, mozilla/GTE_CyberTrust_Global_Root.crt, 
mozilla/GTE_CyberTrust_Root_CA.crt, mozilla/GeoTrust_Global_CA.crt, 
mozilla/GeoTrust_Global_CA_2.crt, 
mozilla/GeoTrust_Primary_Certification_Authority.crt, 
mozilla/GeoTrust_Universal_CA.crt, mozilla/GeoTrust_Universal_CA_2.crt, 
mozilla/GlobalSign_Root_CA.crt, mozilla/GlobalSign_Root_CA_-_R2.crt, 
mozilla/Go_Daddy_Class_2_CA.crt, mozilla/IPS_CLASE1_root.crt, 
mozilla/IPS_CLASE3_root.crt, mozilla/IPS_CLASEA1_root.crt, 
mozilla/IPS_CLASEA3_root.crt, mozilla/IPS_Chained_CAs_root.crt, 
mozilla/IPS_Servidores_root.crt, mozilla/IPS_Timestamping_root.crt, 
mozilla/NetLock_Business_=Class_B=_Root.crt, 
mozilla/NetLock_Express_=Class_C=_Root.crt, 
mozilla/NetLock_Notary_=Class_A=_Root.crt, 
mozilla/NetLock_Qualified_=Class_QA=_Root.crt, mozilla/QuoVadis_Root_CA.crt, 
mozilla/QuoVadis_Root_CA_2.crt, mozilla/QuoVadis_Root_CA_3.crt, 
mozilla/RSA_Root_Certificate_1.crt, mozilla/RSA_Security_1024_v3.crt, 
mozilla/RSA_Security_2048_v3.crt, mozilla/SecureTrust_CA.crt, 
mozilla/Secure_Global_CA.crt, mozilla/Security_Communication_Root_CA.crt, 
mozilla/Sonera_Class_1_Root_CA.crt, mozilla/Sonera_Class_2_Root_CA.crt, 
mozilla/Staat_der_Nederlanden_Root_CA.crt, mozilla/Starfield_Class_2_CA.crt, 
mozilla/StartCom_Certification_Authority.crt, mozilla/StartCom_Ltd..crt, 
mozilla/SwissSign_Gold_CA_-_G2.crt, mozilla/SwissSign_Platinum_CA_-_G2.crt, 
mozilla/SwissSign_Silver_CA_-_G2.crt, mozilla/Swisscom_Root_CA_1.crt, 
mozilla/TC_TrustCenter__Germany__Class_2_CA.crt, 
mozilla/TC_TrustCenter__Germany__Class_3_CA.crt, 
mozilla/TDC_Internet_Root_CA.crt, mozilla/TDC_OCES_Root_CA.crt, 
mozilla/TURKTRUST_Certificate_Services_Provider_Root_1.crt, 
mozilla/TURKTRUST_Certificate_Services_Provider_Root_2.crt, 
mozilla/Taiwan_GRCA.crt, mozilla/Thawte_Personal_Basic_CA.crt, 
mozilla/Thawte_Personal_Freemail_CA.crt, 
mozilla/Thawte_Personal_Premium_CA.crt, mozilla/Thawte_Premium_Server_CA.crt, 
mozilla/Thawte_Server_CA.crt, mozilla/Thawte_Time_Stamping_CA.crt, 
mozilla/UTN-USER_First-Network_Applications.crt, 
mozilla/UTN_DATACorp_SGC_Root_CA.crt, mozilla/UTN_USERFirst_Email_Root_CA.crt, 
mozilla/UTN_USERFirst_Hardware_Root_CA.crt, 
mozilla/UTN_USERFirst_Object_Root_CA.crt, mozilla/ValiCert_Class_1_VA.crt, 
mozilla/ValiCert_Class_2_VA.crt, 
mozilla/VeriSign_Class_3_Public_Primary_Certification_Authority_-_G5.crt, 
mozilla/Verisign_Class_1_Public_Primary_Certification_Authority.crt, 
mozilla/Verisign_Class_1_Public_Primary_Certification_Authority_-_G2.crt, 
mozilla/Verisign_Class_1_Public_Primary_Certification_Authority_-_G3.crt, 
mozilla/Verisign_Class_2_Public_Primary_Certification_Authority.crt, 
mozilla/Verisign_Class_2_Public_Primary_Certification_Authority_-_G2.crt, 
mozilla/Verisign_Class_2_Public_Primary_Certification_Authority_-_G3.crt, 
mozilla/Verisign_Class_3_Public_Primary_Certification_Authority.crt, 
mozilla/Verisign_Class_3_Public_Primary_Certification_Authority_-_G2.crt, 
mozilla/Verisign_Class_3_Public_Primary_Certification_Authority_-_G3.crt, 
mozilla/Verisign_Class_4_Public_Primary_Certification_Authority_-_G2.crt, 
mozilla/Verisign_Class_4_Public_Primary_Certification_Authority_-_G3.crt, 
mozilla/Verisign_RSA_Secure_Server_CA.crt, 
mozilla/Verisign_Time_Stamping_Authority_CA.crt, 
mozilla/Visa_International_Global_Root_2.crt, mozilla/Visa_eCommerce_Root.crt, 
mozilla/Wells_Fargo_Root_CA.crt, mozilla/XRamp_Global_CA_Root.crt, 
mozilla/beTRUSTed_Root_CA-Baltimore_Implementation.crt, 
mozilla/beTRUSTed_Root_CA.crt, 
mozilla/beTRUSTed_Root_CA_-_Entrust_Implementation.crt, 
mozilla/beTRUSTed_Root_CA_-_RSA_Implementation.crt, 
mozilla/thawte_Primary_Root_CA.crt, 
quovadis.bm/QuoVadis_Root_Certification_Authority.crt, 
signet.pl/signet_ca1_pem.crt, signet.pl/signet_ca2_pem.crt, 
signet.pl/signet_ca3_pem.crt, signet.pl/signet_ocspklasa2_pem.crt, 
signet.pl/signet_ocspklasa3_pem.crt, signet.pl/signet_pca2_pem.crt, 
signet.pl/signet_pca3_pem.crt, signet.pl/signet_rootca_pem.crt, 
signet.pl/signet_tsa1_pem.crt, spi-inc.org/spi-ca-2003.crt, 
spi-inc.org/spi-cacert-2008.crt, telesec.de/deutsche-telekom-root-ca-2.crt
  ca-certificates/new_crts:
* ca-certificates/trust_new_crts: yes

--- End Message ---

--- Begin Message ---

Source: ca-certificates
Source-Version: 20090708

We believe that the bug you reported is fixed in the latest version of
ca-certificates, which is due to be installed in the Debian FTP archive:

ca-certificates_20090708.dsc
  to pool/main/c/ca-certificates/ca-certificates_20090708.dsc
ca-certificates_20090708.tar.gz
  to pool/main/c/ca-certificates/ca-certificates_20090708.tar.gz
ca-certificates_20090708_all.deb
  to pool/main/c/ca-certificates/ca-certificates_20090708_all.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 475...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Philipp Kern <pk...@debian.org> (supplier of updated ca-certificates package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Wed, 08 Jul 2009 23:19:56 +0200
Source: ca-certificates
Binary: ca-certificates
Architecture: source all
Version: 20090708
Distribution: unstable
Urgency: low
Maintainer: Philipp Kern <pk...@debian.org>
Changed-By: Philipp Kern <pk...@debian.org>
Description: 
 ca-certificates - Common CA certificates
Closes: 475240 486737 495224
Changes: 
 ca-certificates (20090708) unstable; urgency=low
 .
   * Removed CA files:
     - cacert.org/root.crt and cacert.org/class3.crt:
       Both certificate files were deprecated with 20080809.  Users of these
       root certificates are encouraged to switch to
       `cacert.org/cacert.org.crt' which contains both class 1 and class 3
       roots joined in a single file.
     - quovadis.bm/QuoVadis_Root_Certification_Authority.crt:
       This certificate has been added into the Mozilla truststore and
       is available as `mozilla/QuoVadis_Root_CA.crt'.
   * Do not redirect c_rehash error messages to /dev/null.
     (Closes: #495224)
   * Remove dangling symlinks on purge, which also gets rid of the hash
     symlink for ca-certificates.crt.  (Closes: #475240)
   * Use subshells when grepping for certificates in config, avoiding
     SIGPIPE because of grep's immediate exit after it finds the pattern.
     (Closes: #486737)
   * Fix VERBOSE_ARG usage in update-ca-certificates.  Thanks to
     Robby Workman of Slackware.
   * Updated Standards-Version and FSF portal address in the copyright file.
Checksums-Sha1: 
 c5c44a75036003d22e6372d261a50d6e14fe843f 790 ca-certificates_20090708.dsc
 29f0f227da3c76b90f52bd18f2f81864cc9e843e 227433 ca-certificates_20090708.tar.gz
 b68fe1b4dd1639286ecb9c71d097782a2235f745 154528 
ca-certificates_20090708_all.deb
Checksums-Sha256: 
 67967b952c7692364bb14655957edfed1db20079ea7c490a8a614e5616f1b936 790 
ca-certificates_20090708.dsc
 c6391b1e1f26d63473c3b4e95a88824caa72a6b008a0f329d3f17af87186e16f 227433 
ca-certificates_20090708.tar.gz
 ef0a4eb696ff1e1cce8fa8bb6e00d8a9eede94238798be45a5c83789659f051f 154528 
ca-certificates_20090708_all.deb
Files: 
 80c8f3aa50194d4d30b58206b9395069 790 misc optional ca-certificates_20090708.dsc
 e89ec5fae1711d4667af516d426dbf32 227433 misc optional 
ca-certificates_20090708.tar.gz
 413d8acef64e87cd7bbc9a7795a077b7 154528 misc optional 
ca-certificates_20090708_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkpVDq8ACgkQ7Ro5M7LPzdi+FgCfX21pX7rMhoLuaeuuFNwkEtmV
FQIAoJgd8ef4GcRwpy4TN1TORDfDCxDG
=nDjD
-----END PGP SIGNATURE-----

--- End Message ---