1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
|
ca-certificates-java (20140324) unstable; urgency=medium
* Team upload.
* Fixed a test failure caused by the removal of the CAcert.org root
certificate from the ca-certificates package (Closes: #741755)
* Limit the memory used by java to 64M when updating the certificates
(Closes: #576453)
* Mavenized the project
* Code refactoring
* d/control: Standards-Version updated to 3.9.5 (no changes)
* Switch to debhelper level 9
-- Emmanuel Bourg <ebourg@apache.org> Mon, 24 Mar 2014 09:42:08 +0100
ca-certificates-java (20130815) unstable; urgency=low
* Acknowledge NMU done by Don Armstrong and Andreas Beckmann.
* Fix tests to works with new cacert certificates names (Closes:
#713138).
* d/control: Use canonical value for Vcs-* fields.
* d/control: Remove deprecated DMUA flag.
* d/control: Bump Standards-Version to 3.9.4 (no changes needed).
-- Damien Raude-Morvan <drazzib@debian.org> Thu, 15 Aug 2013 13:52:46 +0200
ca-certificates-java (20121112+nmu2) unstable; urgency=medium
* Non-maintainer upload.
* postinst, jks-keystore.hook: Do not fail if nss.cfg does not (yet) exist,
i.e. if openjdk-?-jre-headless is unpacked but not yet configured.
(Closes: #694888)
* Set urgency to medium for RC bugfix.
-- Andreas Beckmann <anbe@debian.org> Sun, 27 Jan 2013 14:19:41 +0100
ca-certificates-java (20121112+nmu1) unstable; urgency=low
* Non-maintainer upload
* Fix test for dpkg-query in postinst; there was an extraneous --version
here. [Probably don't even need to bother to check for dpkg-query, but
why not.] (Closes: #690204)
* Library path for softokn3pkg and nsspkg is potentially wrong if there
are multiple different paths; fix it.
* Do not run the hook if ca-certificates-java has been removed but not
purged.
* Use the new trigger support provided by ca-certificates (>=20121114).
-- Don Armstrong <don@debian.org> Mon, 12 Nov 2012 15:45:50 -0800
ca-certificates-java (20120721) unstable; urgency=low
* Fix jks-keystore and postinst to work on multi-arch system.
Use dpkg-query -L package:arch. (Closes: #680618).
* As libnss3-1d is a transitional package on both Debian and Ubuntu,
upgrade Depends to use libnss3.
-- Damien Raude-Morvan <drazzib@debian.org> Sat, 21 Jul 2012 01:06:32 +0200
ca-certificates-java (20120608) unstable; urgency=low
[ James Page ]
* Switch primary JRE dependency from openjdk-6 to openjdk-7 to support
demotion of openjdk-6 to universe in Ubuntu:
- d/control, rules: Generate primary JRE dependency at build time to
allow differentiation between Ubuntu and Debian.
* Added myself to uploaders.
[ Damien Raude-Morvan ]
* Update to unstable.
* Set DMUA flag for James Page.
-- James Page <james.page@ubuntu.com> Fri, 08 Jun 2012 09:44:58 +0100
ca-certificates-java (20120603) unstable; urgency=low
* Use javahelper as buildsystem:
- d/control: Add Build-Depends on javahelper.
- d/rules: Use jh_build to call javac.
* Create a testsuite for this package:
- Refactor UpdateCertificates code to send exceptions instead of
System.exit(1).
- New testsuite: UpdateCertificatesTest.
- d/control: Build-Depends on junit4.
- d/rules: Launch junit after build and handle "nocheck" option in
DEB_BUILD_OPTIONS.
-- Damien Raude-Morvan <drazzib@debian.org> Sun, 03 Jun 2012 12:10:26 +0200
ca-certificates-java (20120524) unstable; urgency=low
[ Marc Deslauriers ]
* debian/preinst, debian/postinst: remove the 20110912ubuntu1 work-around
since it is no longer needed.
* debian/postinst: don't put a symlink in / if jvm doesn't contain nss
configuration. (Closes: #665754, #665749).
* debian/postinst: force migration to new alias names again. The
migration was supposed to occur on upgrades to Oneiric, but failed
because of an NSS error.
* debian/postinst: forcibly remove diginotar cert. It could be left
behind under certain circumstances. (LP: #920758)
* debian/postinst: also look for jvm in multiarch locations (LP: #962378)
* debian/postinst: retrigger first_install to properly get cert store.
[ James Page ]
* d/rules: Ensure java is built with source/target == 1.6 for backwards
compatibility with openjdk-6.
[ Damien Raude-Morvan ]
* Sync handling of nss.cfg between debian/jks-keystore.hook.in and
debian/postinst.in.
* Merge changes from Ubuntu (Thanks to James Page and Marc Deslauriers).
* Improve handling of certificate with UTF-8 filenames:
- UpdateCertificates: Force read System.in with UTF-8
- debian/postinst: Set LC_CTYPE to C.UTF-8
-- Damien Raude-Morvan <drazzib@debian.org> Tue, 22 May 2012 23:41:41 +0200
ca-certificates-java (20120225) unstable; urgency=low
[ Steve Langasek ]
* debian/jks-keystore.hook: If we *don't* find libnss3 / libnss3-1d,
don't remove files from the filesystem in do_cleanup(),
since this has a nasty tendency of nuking system libraries.
LP: #855171.
* debian/preinst, debian/postinst: when upgrading from version
20110912ubuntu1, disable the buggy hook script early to prevent it from
being run before our new version is configured; and re-enable the script
in the postinst. LP: #855246.
[ Matthias Klose ]
* Mark as Multi-Arch: foreign.
* Adjust the libnss3-1d versioned dependency.
[ Damien Raude-Morvan ]
* Add myself to Uploaders.
* Use dh_gencontrol and dpkg-vendor to allow:
- New substvar ${nss:Depends} for libnss3-1d versionning.
- New @NSS_LIB@ parameter for debian/*.in files.
* Bump Standards-Version to 3.9.3:
- Add recommended build-arch / build-indep targets.
-- Damien Raude-Morvan <drazzib@debian.org> Sat, 25 Feb 2012 15:06:32 +0100
ca-certificates-java (20111223) unstable; urgency=low
* Support new multiarch JRE packages in postinst.
-- Torsten Werner <twerner@debian.org> Fri, 23 Dec 2011 13:46:15 +0100
ca-certificates-java (20110912) unstable; urgency=low
* Support new multiarch JRE packages in jks-keystore. (Closes: #641306)
* Support OpenJDK 7. (Closes: #641305)
-- Torsten Werner <twerner@debian.org> Mon, 12 Sep 2011 21:23:22 +0200
ca-certificates-java (20110816) unstable; urgency=low
* Upgrade Recommends: libnss3-1d to a versioned Depends due to multiarch
changes. (Closes: #635571)
* Use the locale C.UTF-8 for the hook script to be more robust.
-- Torsten Werner <twerner@debian.org> Tue, 16 Aug 2011 11:00:33 +0200
ca-certificates-java (20110531) unstable; urgency=low
* Prepare for multiarch libnss3 update.
-- Matthias Klose <doko@ubuntu.com> Tue, 31 May 2011 15:20:52 +0200
ca-certificates-java (20110426) unstable; urgency=low
* Test for existing file in postinst before copying it. (Closes: #624152)
* Add Vcs headers to debian/control.
-- Torsten Werner <twerner@debian.org> Tue, 26 Apr 2011 09:23:03 +0200
ca-certificates-java (20110425) unstable; urgency=low
* Add Java code to update the keystore and support UTF-8 encoded filenames.
(Closes: #607245, #623671)
* Change Maintainer to Debian Java Maintainers and add myself to Uploaders.
* Update Build-Depends.
* Replace old inconsistent keystore aliases. (Closes: #623888)
* Add support for openjdk-7 and remove support for old cacao VM.
* Add a NEWS file explaining the update.
* Update README.Debian.
-- Torsten Werner <twerner@debian.org> Mon, 25 Apr 2011 15:28:55 +0200
ca-certificates-java (20100412) unstable; urgency=low
* Upload to unstable.
-- Matthias Klose <doko@ubuntu.com> Mon, 12 Apr 2010 03:15:47 +0200
ca-certificates-java (20100406ubuntu1) lucid; urgency=low
* Make the installation and import of certificates more robust,
if the NSS based security provider is disabled or not built.
-- Matthias Klose <doko@ubuntu.com> Sun, 11 Apr 2010 20:54:43 +0200
ca-certificates-java (20100406) unstable; urgency=low
* Explicitely fail the installation, if /proc is not mounted.
Currently required by the java tools, changed in OpenJDK7.
Closes: #576453. LP: #556044.
* Print name of JVM in case of errors.
* Set priority to optional, set section to java. Closes: #566855.
* Remove /etc/ssl/certs on package purge, if empty. Closes: #566853.
-- Matthias Klose <doko@debian.org> Tue, 06 Apr 2010 21:41:39 +0200
ca-certificates-java (20091021) unstable; urgency=low
* Clarify output for keytool errors (although it shouldnn't be
necessary anymore). Closes: #540490.
-- Matthias Klose <doko@ubuntu.com> Wed, 21 Oct 2009 22:00:53 +0200
ca-certificates-java (20090928) karmic; urgency=low
* Rebuild with OpenJDK supporting PKCS11 cryptography, rebuild with
ca-certificates 20090814.
-- Matthias Klose <doko@ubuntu.com> Mon, 28 Sep 2009 16:47:09 +0200
ca-certificates-java (20090629) unstable; urgency=low
* debian/rules, debian/postinst, debian/jks-keystore.hook: Filter out
SHA384withECDSA certificates since keytool won't support them.
LP: #392104, closes: #534520.
* Fix typo in hook. Closes: #534533.
* Use java6-runtime-headless as alternative dependency. Closes: #512293.
-- Matthias Klose <doko@ubuntu.com> Mon, 29 Jun 2009 11:27:59 +0200
ca-certificates-java (20081028) unstable; urgency=low
* Ignore LANG and LC_ALL setting when running keytool. LP: #289934.
-- Matthias Klose <doko@debian.org> Tue, 28 Oct 2008 07:20:16 +0100
ca-certificates-java (20081027) unstable; urgency=medium
* Merge from Ubuntu:
- Don't try to import certificates, which are listed in
/etc/ca-certificates.conf, but not available on the system.
Just warn about those. LP: #289091.
- Need to run keytool, when the jre is unpacked, but not yet configured.
Create a temporary jvm.cfg for the time in that postinst and the
jks-keystore.hook are run, and remove it afterwards. LP: #289199.
-- Matthias Klose <doko@debian.org> Mon, 27 Oct 2008 13:58:14 +0100
ca-certificates-java (20081024) unstable; urgency=low
* Install /etc/default/cacerts with mode 600.
-- Matthias Klose <doko@debian.org> Fri, 24 Oct 2008 15:10:48 +0200
ca-certificates-java (20081022) unstable; urgency=low
* debian/jks-keystore.hook:
- Don't stop after first error during the update. LP: #244412.
Closes: #489748.
- Call keytool with -noprompt.
* On initial install, add locally added certificates. LP: #244410.
Closes: #489748.
* Install /etc/default/cacerts to set options:
- storepass, holding the password for the keystore.
- updates, to enable/disable updates of the keystore.
* Only use the keytool command from OpenJDK or Sun Java. Closes: #496587.
-- Matthias Klose <doko@ubuntu.com> Wed, 22 Oct 2008 20:51:24 +0200
ca-certificates-java (20080712) unstable; urgency=low
* Upload to main.
-- Matthias Klose <doko@ubuntu.com> Sat, 12 Jul 2008 12:19:00 +0200
ca-certificates-java (20080711) unstable; urgency=low
* debian/jks-keystore.hook: Fix typo. Closes: #489747, LP: #244408.
-- Matthias Klose <doko@ubuntu.com> Fri, 11 Jul 2008 20:38:04 +0200
ca-certificates-java (20080514) unstable; urgency=low
* Initial release.
-- Matthias Klose <doko@ubuntu.com> Mon, 02 Jun 2008 14:52:46 +0000
|
