-
Committer:
Package Import Robot
-
Author(s):
Jamie Strandboge
-
Date:
2013-01-11 12:30:30 UTC
-
mfrom:
(1.1.16)
-
Revision ID:
package-import@ubuntu.com-20130111123030-o5i6x43jzck728d3
Tags: 3.14.1-0ckbi1.93ubuntu.0.11.10.1
* New upstream release. Dropped the following patches:
  - debian/patches/25_entropy.patch (was bz51429 obsoleted by fix for
    bz174993)
  - debian/patches/38_mips64_build.patch (we don't build on mips)
  - debian/patches/90_realpath.patch (included upstream)
    upstream)
  - debian/patches/diginotar.patch (included upstream)
  - debian/patches/CVE-2012-0441.patch (included upstream)
*Â debian/patches/01_dont_build_nspr.patch:Â refresh
* debian/patches/38_kbsd.patch: refresh/update based on Debian
*Â debian/patches/80_security_build.patch:Â refresh
* debian/patches/85_security_load.patch: refresh/update based on Debian
* debian/patches/97_SSL_RENEGOTIATE_TRANSITIONAL.patch: refresh/update based
  on Debian
* SECURITY UPDATE: distrust improperly issued TURKTRUST intermediate CAs
  - debian/patches/94_ckbi-1.9.patch: update to CKBI 1.93 by using
    mozilla/security/nss/lib/ckfw/builtins/certdata.txt from upstream and
    updating mozilla/security/nss/lib/ckfw/builtins/nssckbi.h. Apply this
    before 95_add_spi+cacert_ca_certs.patch since it keeps this patch clean
    and underscores that SPI and CACERT are not part of upstream Roots.
  - CVE-2013-0743
* debian/libnss3.symbols: updated for *_3.12.10 through *_3.14.1