diff options
| author |   Lars Wendler <polynomial-c@gentoo.org> | 2017-08-08 09:38:15 +0200 |
|---|---|---|
| committer | Lars Wendler <polynomial-c@gentoo.org> | 2017-08-08 09:40:50 +0200 |
| commit | b2cae8b25d30cee6412433139fbc323f08cffb8a (patch) | |
| tree | 5e3330f2691998e0d59601773ce182554c4faabf | |
| parent | app-misc/ca-certificates: Bump to version 20161130.3.32 (diff) | |
| download | gentoo-b2cae8b25d30cee6412433139fbc323f08cffb8a.tar.gz gentoo-b2cae8b25d30cee6412433139fbc323f08cffb8a.tar.bz2 gentoo-b2cae8b25d30cee6412433139fbc323f08cffb8a.zip | |
app-misc/ca-certificates: Fixed removal of untrusted certs (#616002).
Package-Manager: Portage-2.3.6, Repoman-2.3.3
| -rw-r--r-- | app-misc/ca-certificates/ca-certificates-20161130.3.30.2.ebuild | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/app-misc/ca-certificates/ca-certificates-20161130.3.30.2.ebuild b/app-misc/ca-certificates/ca-certificates-20161130.3.30.2.ebuild index a72077ebef87..45efcd9d5817 100644 --- a/app-misc/ca-certificates/ca-certificates-20161130.3.30.2.ebuild +++ b/app-misc/ca-certificates/ca-certificates-20161130.3.30.2.ebuild @@ -138,9 +138,15 @@ src_compile() { fi if ! use insecure_certs ; then + elog "To prevent applications relying on system's trusted root certificate store" + elog "from using CAs where at least one major browser vendor Gentoo is following" + elog "has decided to apply trust level restrictions, the following" + elog "certificate(s) were removed:" # Remove untrusted certs from StartCom and WoSign (bug #598072) - rm "${c}"/mozilla/StartCom* || die - rm "${c}"/mozilla/WoSign* || die + elog "$(find "${c}" -type f \( \ + -iname '*startcom*' \ + -o -iname '*wosign*' \ + \) -printf '%P removed; see https://bugs.gentoo.org/598072 for details\n' -delete)" fi ( |