Log Message:
security/ca-certificates: Update to 20211016

ca-certificates (20211016) unstable; urgency=low

  [ Michael Shuler ]
  * Fix error on install when TEMPBUNDLE missing. Closes: #996005

 -- Julien Cristau <jcristau@debian.org>  Sat, 16 Oct 2021 18:09:43 +0200

ca-certificates (20211004) unstable; urgency=low

  [ Debian Janitor ]
  * Fix day-of-week for changelog entry 20090624.

  [ Julien Cristau ]
  * Create temporary ca-certificates.crt on the same file system.
    Closes: #923784
  * Don't remove ca-certificates.crt before updating it, so it doesn't
    go missing for a short while (closes: #920348).  Thanks, Dimitris
    Aragiorgis!
  * Bump package priority from optional to standard.
  * mozilla/{certdata.txt,nssckbi.h}: Update Mozilla certificate authority
    bundle to version 2.50
    The following certificate authorities were added (+):
    + "AC RAIZ FNMT-RCM SERVIDORES SEGUROS"
    + "GlobalSign Root R46"
    + "GlobalSign Root E46"
    + "GLOBALTRUST 2020"
    + "ANF Secure Server Root CA"
    + "Certum EC-384 CA"
    + "Certum Trusted Root CA"
    The following certificate authorities were removed (-):
    - "QuoVadis Root CA"
    - "Sonera Class 2 Root CA"
    - "GeoTrust Primary Certification Authority - G2"
    - "VeriSign Universal Root Certification Authority"
    - "Chambers of Commerce Root - 2008"
    - "Global Chambersign Root - 2008"
    - "Trustis FPS Root CA"
    - "Staat der Nederlanden Root CA - G3"
  * Blacklist expired root certificate "DST Root CA X3" (closes: #995432)
  * mozilla/certdata2pem.py: print a warning for expired certificates.

 -- Julien Cristau <jcristau@debian.org>  Thu, 07 Oct 2021 17:12:47 +0200

ca-certificates (20210119) unstable; urgency=medium

  [ Julien Cristau ]
  * New maintainer (closes: #976406)
  * mozilla/{certdata.txt,nssckbi.h}: Update Mozilla certificate authority
    bundle to version 2.46.
    The following certificate authorities were added (+):
    + "certSIGN ROOT CA G2"
    + "e-Szigno Root CA 2017"
    + "Microsoft ECC Root Certificate Authority 2017"
    + "Microsoft RSA Root Certificate Authority 2017"
    + "NAVER Global Root Certification Authority"
    + "Trustwave Global Certification Authority"
    + "Trustwave Global ECC P256 Certification Authority"
    + "Trustwave Global ECC P384 Certification Authority"
    The following certificate authorities were removed (-):
    - "EE Certification Centre Root CA"
    - "GeoTrust Universal CA 2"
    - "LuxTrust Global Root 2"
    - "OISTE WISeKey Global Root GA CA"
    - "Staat der Nederlanden Root CA - G2" (closes: #962079)
    - "Taiwan GRCA"
    - "Verisign Class 3 Public Primary Certification Authority - G3"

  [ Michael Shuler ]
  * mozilla/blacklist:
    Revert Symantec CA blacklist (#911289). Closes: #962596
    The following root certificates were added back (+):
    + "GeoTrust Primary Certification Authority - G2"
    + "VeriSign Universal Root Certification Authority"

  [ Gianfranco Costamagna ]
  * debian/{rules,control}:
    Merge Ubuntu patch from Matthias Klose to use Python3 during build.
    Closes: #942915

 -- Julien Cristau <jcristau@debian.org>  Tue, 19 Jan 2021 11:11:04 +0100