diff options
-rw-r--r-- | debian/changelog | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/debian/changelog b/debian/changelog index 733c62c..385b801 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,21 @@ +lacme (0.8.3-1) unstable; urgency=high + + * New upstream bugfix release. + + Fix post-issuance validation logic. We avoid pining the intermediate + certificates in the bundle and instead validate the leaf certificate + with intermediates supplied during issuance as untrusted (used for chain + building only). Only the root certificates are used as trust anchor. + Not pining intermediate certificates is in line with Let's Encrypt's + latest recommendations. + Closes: #1072847 + + Pass `-in /dev/stdin` option to openssl(1) to avoid warning with OpenSSL + 3.2 or later. + + Fix test suite to account for Let's Encrypt's (staging) ACME server + changes. + * d/control: Update Standards-Version to 4.7.0 (no changes necessary). + + -- Guilhem Moulin <guilhem@debian.org> Thu, 13 Jun 2024 17:56:33 +0200 + lacme (0.8.2-1) unstable; urgency=medium * New upstream bugfix release. |