diff options
author | Guilhem Moulin <guilhem@debian.org> | 2024-06-15 21:24:54 +0200 |
---|---|---|
committer | Guilhem Moulin <guilhem@debian.org> | 2024-06-16 00:10:26 +0200 |
commit | c750e5b8a31ed5267150167ac68b5a5f89fc488b (patch) | |
tree | 94bb8b32e179addc8892984c52150f8911f0b50a /debian/changelog | |
parent | db39468162d7631abe75bd2cfbde92c69a3520cd (diff) |
Pointed by Jonathan Wiltshire at https://bugs.debian.org/1073174#12 .
Thanks!
Diffstat (limited to 'debian/changelog')
-rw-r--r-- | debian/changelog | 13 |
1 files changed, 7 insertions, 6 deletions
diff --git a/debian/changelog b/debian/changelog index 9a0e819..febb402 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,11 +1,12 @@ lacme (0.8.2-1+deb12u1) bookworm; urgency=medium - * Backport upstream patches to fix post-issuance validation logic. - We avoid pining the intermediate certificates in the bundle and instead - validate the leaf certificate with intermediates supplied during issuance - as untrusted (used for chain building only). Only the root certificates - are used as trust anchor. Not pining intermediate certificates is in line - with Let's Encrypt's latest recommendations. + * Backport upstream patches to fix post-issuance validation logic. We avoid + pinning the intermediate certificates in the bundle and instead validate + the leaf certificate with intermediates supplied during issuance as + untrusted (used for chain building only). Only the root certificates are + used as trust anchor. + Not pinning intermediate certificates is in line with Let's Encrypt's + latest recommendations. Closes: #1072847 * Adjust test suite against current Let's Encrypt staging environment. * d/gbp.conf: Set 'debian-branch = debian/bookworm'. |