diff options
-rw-r--r-- | debian/changelog | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/debian/changelog b/debian/changelog index 385b801..ca3e7b3 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,11 +1,11 @@ lacme (0.8.3-1) unstable; urgency=high * New upstream bugfix release. - + Fix post-issuance validation logic. We avoid pining the intermediate + + Fix post-issuance validation logic. We avoid pinning the intermediate certificates in the bundle and instead validate the leaf certificate with intermediates supplied during issuance as untrusted (used for chain building only). Only the root certificates are used as trust anchor. - Not pining intermediate certificates is in line with Let's Encrypt's + Not pinning intermediate certificates is in line with Let's Encrypt's latest recommendations. Closes: #1072847 + Pass `-in /dev/stdin` option to openssl(1) to avoid warning with OpenSSL |