[ol7_latest] ca-certificates-2017.2.14-71.el7.noarch

Name:	ca-certificates
Version:	2017.2.14
Release:	71.el7
Architecture:	noarch
Group:	System Environment/Base
Size:	1241908
License:	Public Domain
RPM:	ca-certificates-2017.2.14-71.el7.noarch.rpm
Source RPM:	ca-certificates-2017.2.14-71.el7.src.rpm
Build Date:	Wed Aug 02 2017
Build Host:	x86-ol7-builder-01.us.oracle.com
Vendor:	Oracle America
URL:	http://www.mozilla.org/
Summary:	The Mozilla CA root certificate bundle
Description:	This package contains the set of CA certificates chosen by the Mozilla Foundation for use with the Internet PKI.

Changelog (Show File list) (Show related packages)

Fri Apr 28 2017 Kai Engert <kaie@redhat.com> - 2017.2.14-71
```
- Update to CKBI 2.14 from NSS 3.30.2
```
Fri Mar 10 2017 Kai Engert <kaie@redhat.com> - 2017.2.11-73
```
- No longer trust legacy CAs
```

Fri Mar 10 2017 Kai Engert <kaie@redhat.com> - 2017.2.11-72

- Changed the packaged bundle to use the flexible p11-kit-object-v1 file format,
  as a preparation to fix bugs in the interaction between p11-kit-trust and
  Mozilla applications, such as Firefox, Thunderbird etc.
- For CAs trusted by Mozilla, set attribute nss-mozilla-ca-policy: true
- Require p11-kit 0.23.5
- Added an utility to help with comparing output of the trust dump command.

Tue Jan 17 2017 Kai Engert <kaie@redhat.com> - 2017.2.11-71

- Update to CKBI 2.11 from NSS 3.28.1 with legacy modifications.
- Use comments in extracted bundle files.
- Change packaging script to support empty legacy bundles.

Tue May 10 2016 Kai Engert <kaie@redhat.com> - 2016.2.6-73

- Use sln, not ln, to avoid the dependency on coreutils (rhbz#1328586)

Mon Apr 25 2016 Kai Engert <kaie@redhat.com> - 2015.2.6-72
```
- Fixed a typo in a manual page (rhbz#1303960)
```

Wed Jan 27 2016 Kai Engert <kaie@redhat.com> - 2015.2.6-71

- Update to CKBI 2.6 from NSS 3.21 with legacy modifications.

Thu Apr 23 2015 Kai Engert <kaie@redhat.com> - 2015.2.4-71

- Update to CKBI 2.4 from NSS 3.18.1 with legacy modifications.

Tue Apr 14 2015 Kai Engert <kaie@redhat.com> - 2015.2.3-72
```
- Fix a typo in the ca-legacy manual page (rhbz#1208850)
```

Tue Mar 31 2015 Kai Engert <kaie@redhat.com> - 2015.2.3-71

- Update to CKBI 2.3 from NSS 3.18 with legacy modifications.
- Add an alternative version of the "Thawte Premium Server CA" root,
  which carries a SHA1-RSA signature, to allow OpenJDK to verify applets
  which contain that version of the root certificate.
  This change doesn't add trust for another key, because both versions
  of the certificate use the same public key (rhbz#1170982).
- Add a patch to the source RPM that documents the changes from the
  upstream version.
- Introduce the ca-legacy utility, a manual page, and the ca-legacy.conf
  configuration file.
- The new scriptlets require the coreutils package.
- Remove the obsolete blacklist.txt file.