Hi Stable Release Managers, We're currently discussing in #806239 how to keep the ca-certificates package more up-to-date in (old)stable. Since ca-certificates is a data package that needs timely updating (when CAs are removed due to lapsed audits, they should be distrusted immediately), it satisfies the criteria for stable-updates posted here:
https://www.debian.org/News/2011/20110215 I just wanted to confirm that the SRMs would be OK pushing out new ca-certificates packages through stable-updates. Thanks, Andrew