Hi Zoran,
On Thu, 13 Feb 2025 18:24:10 +0100 Zoran =?utf-8?Q?=C7=85elajlija?=
<debian-...@jelly.kladdkaka.org> wrote:
TLDR: Please consider adding this specific root CA to ca-certificates in stable.
Regards, Zoran
P.S. not going to use this report to suggest backporting the whole Mozilla
bundle.
P.P.S. versions in oldstable (LTS) and oldoldstable (ELTS) are affected as
well. CC-ing the LTS list.
According to:
https://tracker.debian.org/pkg/ca-certificates
updating ca-certificates seems pretty rare.
Is it really necessary?
Is there an alternate chain in these new certificates, for transition
purposes?
Do you have public/widespread URLs that we can test?
For LTS/ELTS: we generally only plan an update if a similar update made
it to Debian stable/oldstable :)
Cheers!
Sylvain Beucler
Debian LTS Team
