aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--debian/changelog18
1 files changed, 18 insertions, 0 deletions
diff --git a/debian/changelog b/debian/changelog
index 733c62c..385b801 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,21 @@
+lacme (0.8.3-1) unstable; urgency=high
+
+ * New upstream bugfix release.
+ + Fix post-issuance validation logic. We avoid pining the intermediate
+ certificates in the bundle and instead validate the leaf certificate
+ with intermediates supplied during issuance as untrusted (used for chain
+ building only). Only the root certificates are used as trust anchor.
+ Not pining intermediate certificates is in line with Let's Encrypt's
+ latest recommendations.
+ Closes: #1072847
+ + Pass `-in /dev/stdin` option to openssl(1) to avoid warning with OpenSSL
+ 3.2 or later.
+ + Fix test suite to account for Let's Encrypt's (staging) ACME server
+ changes.
+ * d/control: Update Standards-Version to 4.7.0 (no changes necessary).
+
+ -- Guilhem Moulin <guilhem@debian.org> Thu, 13 Jun 2024 17:56:33 +0200
+
lacme (0.8.2-1) unstable; urgency=medium
* New upstream bugfix release.