Your message dated Mon, 23 Feb 2026 17:18:59 +0000
with message-id <[email protected]>
and subject line Bug#1127100: fixed in ca-certificates 20260223
has caused the Debian Bug report #1127100,
regarding ca-certificates: could use dh_usrlocal to create
/usr/local/share/ca-certificates
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1127100: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1127100
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: ca-certificates
Version: 20250419
Severity: wishlist
User: [email protected]
Usertags: dh-usrlocal
Prompted by recent changes in fontconfig's handling of
/usr/local/share/fonts, I noticed that ca-certificates' postinst has an
open-coded script to create /usr/local/share/ca-certificates with
Policy-compliant permissions.
Please consider using dh_usrlocal(1) for this: that way, any implementation
bugs can be fixed centrally in debhelper, and they will take effect in
all packages that use dh_usrlocal at the next rebuild.
The procedure to do that is something like this:
1. create debian/ca-certificates/usr/local/share/ca-certificates, for
example in debian/ca-certificates.dirs or with some `install -d`
in d/rules
2. make sure dh_usrlocal is run (normally dh will run it automatically)
3. remove open-coded logic in maintainer scripts to create and remove
this directory
4. make sure the maintainer scripts still have the #DEBHELPER#
placeholder
With that done, dh_usrlocal should insert maintainer script snippets
generated from /usr/share/debhelper/autoscripts/ to create and remove
the directory when appropriate.
Thanks,
smcv
--- End Message ---
--- Begin Message ---
Source: ca-certificates
Source-Version: 20260223
Done: Julien Cristau <[email protected]>
We believe that the bug you reported is fixed in the latest version of
ca-certificates, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Julien Cristau <[email protected]> (supplier of updated ca-certificates
package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Mon, 23 Feb 2026 17:46:55 +0100
Source: ca-certificates
Architecture: source
Version: 20260223
Distribution: unstable
Urgency: medium
Maintainer: Julien Cristau <[email protected]>
Changed-By: Julien Cristau <[email protected]>
Closes: 1121936 1127100
Changes:
ca-certificates (20260223) unstable; urgency=medium
.
* Update Mozilla certificate authority bundle to version 2.82
The following certificate authorities were added (+):
+ TrustAsia TLS ECC Root CA
+ TrustAsia TLS RSA Root CA
+ SwissSign RSA TLS Root CA 2022 - 1
+ OISTE Server Root ECC G1
+ OISTE Server Root RSA G1
The following certificate authorities were removed (-):
- GlobalSign Root CA
- Entrust.net Premium 2048 Secure Server CA
- Baltimore CyberTrust Root (closes: #1121936)
- Comodo AAA Services root
- XRamp Global CA Root
- Go Daddy Class 2 CA
- Starfield Class 2 CA
- CommScope Public Trust ECC Root-01
- CommScope Public Trust ECC Root-02
- CommScope Public Trust RSA Root-01
- CommScope Public Trust RSA Root-02
* Use dh_usrlocal to create /usr/local/share/ca-certificates
(closes: #1127100)
Checksums-Sha1:
698e46d1fb9a805c3eee258c42faa9aa031c85fa 1766 ca-certificates_20260223.dsc
0a97c2246c1407a5d579529fb12cc1eea263f5f4 282672 ca-certificates_20260223.tar.xz
Checksums-Sha256:
1513677cb1cf906a4b688279f86cdfda2a5373894c25521ed61eb6b2812ddf93 1766
ca-certificates_20260223.dsc
2fa2b00d4360f0d14ec51640ae8aea9e563956b95ea786e3c3c01c4eead42b56 282672
ca-certificates_20260223.tar.xz
Files:
3c6f183849f4169205e44b384c42cd6d 1766 misc optional
ca-certificates_20260223.dsc
03867432676e265fb5ded407b2ab31a9 282672 misc optional
ca-certificates_20260223.tar.xz
-----BEGIN PGP SIGNATURE-----
iQJIBAEBCgAyFiEEVXgdqzTmGgnvuIvhnbAjVVb4z60FAmmciZYUHGpjcmlzdGF1
QGRlYmlhbi5vcmcACgkQnbAjVVb4z60CHA//UWB+NHDIc5jt1+Jx17wrS80fbdGd
wM6WqeqfZZxvszoe5uKBKtoUyN1n7kjNGhv+O1HmF7xlYAitXXKdrEn+n5d1psLA
+EvK5Lvl5H/rqzka2wu7Qc5htcvF2WbCq4OCdAT9RdNENxdRVvVQ9wgYYpJTH0ht
z/JLSAjgw7kHohq+KLrHFcO/e4Bc+yko2sky/B/ES9D4TbO7VfYRRAQOxGrKM2Qe
1HzsEUJWHevlbjtJXV72iMbixACdtCVANrj1Bl1mwz04DcdZg3xTbdUKcHzWXixZ
Cp9TLQ4X7ZVXXq+GoQyqTsof9EB3rf52e/g3qNsiULWY12GrgoePSOFUaN/Rpt9L
2tpXDzNoO5ZCpGVX0gSEYAdTX3djbqrzYdyNmhus87WbbuA5cwSWRh7FohXgwZVc
bKSqZmsXYqoVsxjAQRSx3XuTZ74MMsluk94qmGubXTZCnM/48ldfE7EVrGlNhgW9
3uCW3XpRtyLUG8ChCfgKWv21Tm6UowIj/w+QgYj1S/6cqWpgo9uJNWYVQIhNagbk
Akf3MbzYQM7h1CeP1jOyY2EC17aczzJfDGnhc8bfMH2mHD7lbN3zQk0vBfx7FjAX
5PxBuOXNgJcLFgg1xwRbMMnPfkISEMjFd3BC9EucpQLqemfJo7DYaEL8zR293sbP
kVtxenL4/U/2T9o=
=EyA1
-----END PGP SIGNATURE-----
pgpTI4vspmpNz.pgp
Description: PGP signature
--- End Message ---
