commit ca-certificates-mozilla for openSUSE:Factory

h_root Tue, 17 Dec 2013 01:01:09 -0800

Hello community,

here is the log from the commit of package ca-certificates-mozilla for 
openSUSE:Factory checked in at 2013-12-17 10:00:36
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/ca-certificates-mozilla (Old)
 and      /work/SRC/openSUSE:Factory/.ca-certificates-mozilla.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


Package is "ca-certificates-mozilla"

Changes:
--------
--- 
/work/SRC/openSUSE:Factory/ca-certificates-mozilla/ca-certificates-mozilla.changes
  2013-11-07 08:34:03.000000000 +0100
+++ 
/work/SRC/openSUSE:Factory/.ca-certificates-mozilla.new/ca-certificates-mozilla.changes
     2013-12-17 10:00:37.000000000 +0100
@@ -1,0 +2,12 @@
+Mon Dec  9 16:01:29 UTC 2013 - meiss...@suse.com
+
+- Updated to 1.95
+  Distrust a sub-ca that issued google.com certificates.
+  "Distrusted AC DG Tresor SSL" (bnc#854367)
+
+-------------------------------------------------------------------
+Mon Dec  9 09:56:32 UTC 2013 - lnus...@suse.de
+
+- fix handling of certificates with same name (bnc#854163)
+
+-------------------------------------------------------------------

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ ca-certificates-mozilla.spec ++++++
--- /var/tmp/diff_new_pack.FUEecT/_old  2013-12-17 10:00:38.000000000 +0100
+++ /var/tmp/diff_new_pack.FUEecT/_new  2013-12-17 10:00:38.000000000 +0100
@@ -26,7 +26,7 @@
 Name:           ca-certificates-mozilla
 # Version number is NSS_BUILTINS_LIBRARY_VERSION in this file:
 # 
https://hg.mozilla.org/releases/mozilla-release/raw-file/default/security/nss/lib/ckfw/builtins/nssckbi.h
-Version:        1.94
+Version:        1.95
 Release:        0
 Summary:        CA certificates for OpenSSL
 License:        MPL-2.0
@@ -94,10 +94,19 @@
        [ -z "$alias" ] || args+=('-setalias' "$alias")
 
        echo "$i ${args[*]}"
+       fname="%{buildroot}/%{trustdir_static}$d/${i%%:*}.pem"
+       if [ -e "$fname" ]; then
+               fname="${fname%.pem}"
+               j=1
+               while [ -e "$fname.$j.pem" ]; do
+                       j=$((j+1))
+               done
+               fname="$fname.$j.pem"
+       fi
        {
                grep '^#' "$i"
                openssl x509 -in "$i" "${args[@]}"
-       } > "%{buildroot}/%{trustdir_static}$d/${i%%:*}.pem"
+       } > "$fname"
 done
 for i in *.p11-kit ; do
        install -m 644 "$i" "%{buildroot}/%{trustdir_static}"

++++++ certdata.txt ++++++
--- /var/tmp/diff_new_pack.FUEecT/_old  2013-12-17 10:00:38.000000000 +0100
+++ /var/tmp/diff_new_pack.FUEecT/_new  2013-12-17 10:00:38.000000000 +0100
@@ -12376,6 +12376,34 @@
 CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
 CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
 
+# Distrust "Distrusted AC DG Tresor SSL"
+# Issuer: CN=AC DGTPE Signature Authentification,O=DGTPE,C=FR
+# Serial Number: 204199 (0x31da7)
+# Subject: CN=AC DG Tr..sor SSL,O=DG Tr..sor,C=FR
+# Not Valid Before: Thu Jul 18 10:05:28 2013
+# Not Valid After : Fri Jul 18 10:05:28 2014
+# Fingerprint (MD5): 3A:EA:9E:FC:00:0C:E2:06:6C:E0:AC:39:C1:31:DE:C8
+# Fingerprint (SHA1): 
5C:E3:39:46:5F:41:A1:E4:23:14:9F:65:54:40:95:40:4D:E6:EB:E2
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Distrusted AC DG Tresor SSL"
+CKA_ISSUER MULTILINE_OCTAL
+\060\113\061\013\060\011\006\003\125\004\006\023\002\106\122\061
+\016\060\014\006\003\125\004\012\023\005\104\107\124\120\105\061
+\054\060\052\006\003\125\004\003\023\043\101\103\040\104\107\124
+\120\105\040\123\151\147\156\141\164\165\162\145\040\101\165\164
+\150\145\156\164\151\146\151\143\141\164\151\157\156
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\003\003\035\247
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
 #
 # Certificate "Security Communication EV RootCA1"
 #

++++++ nssckbi.h ++++++
--- /var/tmp/diff_new_pack.FUEecT/_old  2013-12-17 10:00:38.000000000 +0100
+++ /var/tmp/diff_new_pack.FUEecT/_new  2013-12-17 10:00:38.000000000 +0100
@@ -45,8 +45,8 @@
  * of the comment in the CK_VERSION type definition.
  */
 #define NSS_BUILTINS_LIBRARY_VERSION_MAJOR 1
-#define NSS_BUILTINS_LIBRARY_VERSION_MINOR 94
-#define NSS_BUILTINS_LIBRARY_VERSION "1.94"
+#define NSS_BUILTINS_LIBRARY_VERSION_MINOR 95
+#define NSS_BUILTINS_LIBRARY_VERSION "1.95"
 
 /* These version numbers detail the semantic changes to the ckfw engine. */
 #define NSS_BUILTINS_HARDWARE_VERSION_MAJOR 1

-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org

commit ca-certificates-mozilla for openSUSE:Factory

Reply via email to