On 14/01/18 22:10, Brian May wrote: > Raphael Hertzog <hert...@debian.org> writes: > >> Yes, please. I saw reports of failures on IRC due to missing CA >> certificates. > > Done that now. > > Does this deserve a DLA?
It certainly does. But don't make it a 'security update', but just 'update'. See e.g. my tzdata advisories. > If so, I have no idea what to include. Maybe > something like: > > --- cut --- > This release does a complete update of the CA list. This includes > removing the StartCom and WoSign certificates to as they are now > untrusted by the major browser vendors. > --- cut --- > > Or do I need more details? e.g. the list of certificates added/removed > from debian/changelog? That snippet sounds good to me. Cheers, Emilio
