diff --git a/SPECS/ca-certificates.spec b/SPECS/ca-certificates.spec index dd28bba..9a67cf5 100644 --- a/SPECS/ca-certificates.spec +++ b/SPECS/ca-certificates.spec @@ -40,7 +40,7 @@ Version: 2015.2.4 # On RHEL 7.x, please keep the release version >= 70 # When rebasing on Y-Stream (7.y), use 71, 72, 73, ... # When rebasing on Z-Stream (7.y.z), use 70.0, 70.1, 70.2, ... -Release: 70.0%{?dist} +Release: 71%{?dist} License: Public Domain Group: System Environment/Base @@ -391,22 +391,25 @@ fi %changelog -* Thu Apr 23 2015 Kai Engert - 2015.2.4-70.0 +* Thu Apr 23 2015 Kai Engert - 2015.2.4-71 - Update to CKBI 2.4 from NSS 3.18.1 with legacy modifications. -* Wed Apr 15 2015 Kai Engert - 2015.2.3-70.0 +* Tue Apr 14 2015 Kai Engert - 2015.2.3-72 +- Fix a typo in the ca-legacy manual page (rhbz#1208850) + +* Tue Mar 31 2015 Kai Engert - 2015.2.3-71 - Update to CKBI 2.3 from NSS 3.18 with legacy modifications. +- Add an alternative version of the "Thawte Premium Server CA" root, + which carries a SHA1-RSA signature, to allow OpenJDK to verify applets + which contain that version of the root certificate. + This change doesn't add trust for another key, because both versions + of the certificate use the same public key (rhbz#1170982). - Add a patch to the source RPM that documents the changes from the upstream version. - Introduce the ca-legacy utility, a manual page, and the ca-legacy.conf configuration file. - The new scriptlets require the coreutils package. - Remove the obsolete blacklist.txt file. -- Add an alternative version of the "Thawte Premium Server CA" root, - which carries a SHA1-RSA signature, to allow OpenJDK to verify applets - which contain that version of the root certificate. - This change doesn't add trust for another key, because both versions - of the certificate use the same public key (rhbz#1170982). * Wed Sep 17 2014 Stef Walter - 2014.1.98-72 - The BasicConstraints fix for Entrust Root is no longer necessary.