Forum: >>> Magnum BBS <<<

Bug#1095913: ca-certificates: missing mozilla/Sectigo_Public_Server_Aut

From Sylvain Beucler@21:1/5 to debian-bts@jelly.kladdkaka.org on Fri Apr 11 18:00:01 2025

Hi Zoran,

On Thu, 13 Feb 2025 18:24:10 +0100 Zoran =?utf-8?Q?=C7=85elajlija?= <debian-bts@jelly.kladdkaka.org> wrote:

TLDR: Please consider adding this specific root CA to ca-certificates in stable.

Regards, Zoran

P.S. not going to use this report to suggest backporting the whole Mozilla bundle.

P.P.S. versions in oldstable (LTS) and oldoldstable (ELTS) are affected as well. CC-ing the LTS list.

According to:
https://tracker.debian.org/pkg/ca-certificates
updating ca-certificates seems pretty rare.

Is it really necessary?
Is there an alternate chain in these new certificates, for transition
purposes?
Do you have public/widespread URLs that we can test?

For LTS/ELTS: we generally only plan an update if a similar update made
it to Debian stable/oldstable :)

Cheers!
Sylvain Beucler
Debian LTS Team

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Sysop:	Keyop
Location:	Huddersfield, West Yorkshire, UK
Users:	489
Nodes:	16 (2 / 14)
Uptime:	21:07:14
Calls:	9,665
Files:	13,714
Messages:	6,168,097