From 33650da2cb596aa66f0f577058871b51d4ad7c83 Mon Sep 17 00:00:00 2001
From: Guilhem Moulin <guilhem@debian.org>
Date: Thu, 13 Jun 2024 17:59:30 +0200
Subject: Update changelog for 0.8.3-1 release

---
 debian/changelog | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff --git a/debian/changelog b/debian/changelog
index 733c62c..385b801 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,21 @@
+lacme (0.8.3-1) unstable; urgency=high
+
+  * New upstream bugfix release.
+    + Fix post-issuance validation logic.  We avoid pining the intermediate
+      certificates in the bundle and instead validate the leaf certificate
+      with intermediates supplied during issuance as untrusted (used for chain
+      building only).  Only the root certificates are used as trust anchor.
+      Not pining intermediate certificates is in line with Let's Encrypt's
+      latest recommendations.
+      Closes: #1072847
+    + Pass `-in /dev/stdin` option to openssl(1) to avoid warning with OpenSSL
+      3.2 or later.
+    + Fix test suite to account for Let's Encrypt's (staging) ACME server
+      changes.
+  * d/control: Update Standards-Version to 4.7.0 (no changes necessary).
+
+ -- Guilhem Moulin <guilhem@debian.org>  Thu, 13 Jun 2024 17:56:33 +0200
+
 lacme (0.8.2-1) unstable; urgency=medium
 
   * New upstream bugfix release.
-- 
cgit v1.2.3