Package: release.debian.org Severity: normal User: release.debian....@packages.debian.org Usertags: unblock
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 (requesting unblock, although I am not the maintainer) Please unblock package ca-certificates-java ca-certificates-java/20121112+nmu1 provides serious/important fixes that correct squeeze -> wheezy upgrades using the triggers provided by ca-certificates (>=20121114), as well as a fix test for dpkg-query in postinst and correcting library path for softokn3pkg and nsspkg. Thank you! - -- Kind regards, Michael Shuler -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQIcBAEBCAAGBQJQ+2rtAAoJEKJ4t4H+SyvaM1cQAJA90U4nGkVvGM2NgFuc/gMB pf+0BphYhvllJt8CgSrPIqnHv+aBHbPitydZ20JzUOBV6ZtY70w5ZVmmn2nfg0cp t8qkfjnSCEYi3pmC+tThxT5Y+/iSEz24bXLKtS6rXkZsiikYDKDZHzYTfZowRW9z joKIWWJuBBfNPoqsfbavhJKBAAd4N4S3nfIhuphum0O16k8ceev2VDAVRF/cHixh EMaYMfehwlQnnlkIDx2eC/mhkUuwY2nfyJdGhYLcKL9waxHSBeTKi/uJZMsd4RxM RKlLF4UY5GE3BoxaL0eRha+LFYIM8llMsC8apo8qXUIepYWzLVG+4dSS4ntJQYCB Kly+hmW8/gF0LoylMvIrGENMU0N2WDyArHMCIMXlV7JyCKVB2nzcvv59hHvQust9 ESrSkSjKHsM2ItD0jkhtYr3TdbmY/74W3Q98s/B1Gy92TUzyYrGttrYUfpZyvFv6 NRhaWh27mJE6HA/GQkGsIYaoPpgE9pwBYg5mrsmqR2Ftr7LpNxY9+wIMXtlgQsKI Ta3+R7xjy7ay8xx8G3wLdn2cn5U5H/hacRuZG+TH3hQcZyIQK4ccTJavg0w1Xmrr jKfyJyyxKTuDWK1RH0AV+rTfOX/3Xt2J3+2Kl1MnoqQoAXJbEHKmqlGNuo5U9mOo M1ZFi1iDzjOMPdxCNHg5 =cMgH -----END PGP SIGNATURE-----
diff -Nru ca-certificates-java-20120721/debian/ca-certificates-java.triggers ca-certificates-java-20121112+nmu1/debian/ca-certificates-java.triggers --- ca-certificates-java-20120721/debian/ca-certificates-java.triggers 1969-12-31 18:00:00.000000000 -0600 +++ ca-certificates-java-20121112+nmu1/debian/ca-certificates-java.triggers 2012-11-12 20:03:54.000000000 -0600 @@ -0,0 +1 @@ +activate update-ca-certificates diff -Nru ca-certificates-java-20120721/debian/changelog ca-certificates-java-20121112+nmu1/debian/changelog --- ca-certificates-java-20120721/debian/changelog 2012-07-21 07:05:01.000000000 -0500 +++ ca-certificates-java-20121112+nmu1/debian/changelog 2012-11-28 17:59:50.000000000 -0600 @@ -1,3 +1,17 @@ +ca-certificates-java (20121112+nmu1) unstable; urgency=low + + * Non-maintainer upload + * Fix test for dpkg-query in postinst; there was an extraneous --version + here. [Probably don't even need to bother to check for dpkg-query, but + why not.] (Closes: #690204) + * Library path for softokn3pkg and nsspkg is potentially wrong if there + are multiple different paths; fix it. + * Do not run the hook if ca-certificates-java has been removed but not + purged. + * Use the new trigger support provided by ca-certificates (>=20121114). + + -- Don Armstrong <d...@debian.org> Mon, 12 Nov 2012 15:45:50 -0800 + ca-certificates-java (20120721) unstable; urgency=low * Fix jks-keystore and postinst to work on multi-arch system. diff -Nru ca-certificates-java-20120721/debian/control ca-certificates-java-20121112+nmu1/debian/control --- ca-certificates-java-20120721/debian/control 2012-06-08 17:05:19.000000000 -0500 +++ ca-certificates-java-20121112+nmu1/debian/control 2012-11-28 17:43:50.000000000 -0600 @@ -15,7 +15,7 @@ Package: ca-certificates-java Architecture: all Multi-Arch: foreign -Depends: ca-certificates (>= 20090814), +Depends: ca-certificates (>= 20121114), ${jre:Depends} | java6-runtime-headless, ${misc:Depends}, ${nss:Depends} diff -Nru ca-certificates-java-20120721/debian/jks-keystore.hook.in ca-certificates-java-20121112+nmu1/debian/jks-keystore.hook.in --- ca-certificates-java-20120721/debian/jks-keystore.hook.in 2012-07-21 06:30:21.000000000 -0500 +++ ca-certificates-java-20121112+nmu1/debian/jks-keystore.hook.in 2012-11-12 18:50:31.000000000 -0600 @@ -25,7 +25,7 @@ } echo "" -if [ "$cacerts_updates" != yes ] || [ "$CACERT_UPDATES" = disabled ]; then +if [ "$cacerts_updates" != yes ] || [ "$CACERT_UPDATES" = disabled ] || [ ! -e $JAR ]; then echo "updates of cacerts keystore disabled." exit 0 fi @@ -53,12 +53,12 @@ fi if dpkg-query --version >/dev/null; then - nsspkg=$(dpkg-query -L "$(nsslib_name)" | sed -n 's,\(.*\)/libnss3\.so$,\1,p') + nsspkg=$(dpkg-query -L "$(nsslib_name)" | sed -n 's,\(.*\)/libnss3\.so$,\1,p'|head -n 1) nssjdk=$(sed -n '/nssLibraryDirectory/s/.*= *\(.*\)/\1/p' /etc/${jvm%-$arch}/security/nss.cfg) if [ -n "$nsspkg" ] && [ -n "$nssjdk" ] && [ "$nsspkg" != "$nssjdk" ]; then ln -sf $nsspkg/libnss3.so $nssjdk/libnss3.so fi - softokn3pkg=$(dpkg-query -L "$(nsslib_name)" | sed -n 's,\(.*\)/libsoftokn3\.so$,\1,p') + softokn3pkg=$(dpkg-query -L "$(nsslib_name)" | sed -n 's,\(.*\)/libsoftokn3\.so$,\1,p'|head -n 1) if [ -n "$softokn3pkg" ] && [ -n "$nssjdk" ] && [ "$softokn3pkg" != "$nssjdk" ]; then ln -sf $softokn3pkg/libsoftokn3.so $nssjdk/libsoftokn3.so fi diff -Nru ca-certificates-java-20120721/debian/postinst.in ca-certificates-java-20121112+nmu1/debian/postinst.in --- ca-certificates-java-20120721/debian/postinst.in 2012-07-21 06:30:13.000000000 -0500 +++ ca-certificates-java-20121112+nmu1/debian/postinst.in 2012-11-12 18:44:54.000000000 -0600 @@ -38,8 +38,8 @@ first_install() { - if which dpkg-query --version >/dev/null; then - nsspkg=$(dpkg-query -L "$(nsslib_name)" | sed -n 's,\(.*\)/libnss3\.so$,\1,p') + if which dpkg-query >/dev/null; then + nsspkg=$(dpkg-query -L "$(nsslib_name)" | sed -n 's,\(.*\)/libnss3\.so$,\1,p'|head -n 1) nssjdk=$(sed -n '/nssLibraryDirectory/s/.*= *\(.*\)/\1/p' /etc/${jvm%-$arch}/security/nss.cfg) if [ -n "$nsspkg" ] && [ -n "$nssjdk" ] && [ "$nsspkg" != "$nssjdk" ]; then ln -sf $nsspkg/libnss3.so $nssjdk/libnss3.so