diff options
author | Guilhem Moulin <guilhem@debian.org> | 2024-06-13 17:59:30 +0200 |
---|---|---|
committer | Guilhem Moulin <guilhem@debian.org> | 2024-06-13 18:02:25 +0200 |
commit | 33650da2cb596aa66f0f577058871b51d4ad7c83 (patch) | |
tree | ca05ec03315cfd07104a90d91d23af3298ab60c0 | |
parent | 70acdebb0b706a83b6f88898ee963b7ce5edabce (diff) |
Update changelog for 0.8.3-1 releasedebian/0.8.3-1
-rw-r--r-- | debian/changelog | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/debian/changelog b/debian/changelog index 733c62c..385b801 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,21 @@ +lacme (0.8.3-1) unstable; urgency=high + + * New upstream bugfix release. + + Fix post-issuance validation logic. We avoid pining the intermediate + certificates in the bundle and instead validate the leaf certificate + with intermediates supplied during issuance as untrusted (used for chain + building only). Only the root certificates are used as trust anchor. + Not pining intermediate certificates is in line with Let's Encrypt's + latest recommendations. + Closes: #1072847 + + Pass `-in /dev/stdin` option to openssl(1) to avoid warning with OpenSSL + 3.2 or later. + + Fix test suite to account for Let's Encrypt's (staging) ACME server + changes. + * d/control: Update Standards-Version to 4.7.0 (no changes necessary). + + -- Guilhem Moulin <guilhem@debian.org> Thu, 13 Jun 2024 17:56:33 +0200 + lacme (0.8.2-1) unstable; urgency=medium * New upstream bugfix release. |