#215 closed task (fixed)
Update ca-certificates bundle, NSS, and NSPR
Reported by: | Lewis Rosenthal | Owned by: | Silvan Scherrer |
---|---|---|---|
Priority: | minor | Milestone: | |
Component: | *none | Version: | |
Severity: | highest | Keywords: | |
Cc: | dryeo |
Description
Our last ca-certificates bundle update was 2017.11. Likewise NSPR and NSS (and friends) are also well out of date.
Change History (10)
comment:1 by , 5 years ago
comment:2 by , 5 years ago
those among others will be done later this year. when exactly we don't know yet.
comment:3 by , 5 years ago
Component: | nss → *none |
---|---|
Owner: | set to |
Priority: | major → minor |
Severity: | highest → medium |
Status: | new → assigned |
btw adding one ticket for 3 things is a bad idea per see. You know your own policy I guess :)
but as a small update: ca-certificate is built, but not working as we lack p11-kit.
p11-kit is right now in the porting progress. and some others are already done, as p11-kit needed more of course.
and all repo are moved to github now.
comment:4 by , 5 years ago
Resolution: | → fixed |
---|---|
Status: | assigned → closed |
ca-certificates is done and p11-kit as well. it's in exp repo and needs careful testing.
new tickets please in our github pages.
comment:5 by , 5 years ago
Resolution: | fixed |
---|---|
Status: | closed → reopened |
Sorry, but I cannot find a ca-certificates repo at GitHub.
During update of ca-certificates, the following occurs:
Resolving Dependencies --> Running transaction check ---> Package ca-certificates.noarch 0:2017.11-1.oc00 will be updated ---> Package ca-certificates.noarch 0:2019.2.32-1.oc00 will be an update ca-certificates-2019.2.32-1.oc00.noarch requires: p11-kit-trust >= 0.23.10 --> Processing Dependency: p11-kit-trust >= 0.23.10 for package: ca-certificates-2019.2.32-1.oc00.noarch Searching pkgSack for dep: p11-kit-trust TSINFO: Marking p11-kit-trust-0.23.18.1-1.oc00.pentium4 as install for ca-certificates-2019.2.32-1.oc00.noarch ca-certificates-2019.2.32-1.oc00.noarch requires: p11-kit-trust >= 0.23.10 --> Processing Dependency: p11-kit-trust >= 0.23.10 for package: ca-certificates-2019.2.32-1.oc00.noarch Quick matched p11-kit-trust-0.23.18.1-1.oc00.pentium4 to require for p11-kit-trust ca-certificates-2019.2.32-1.oc00.noarch requires: sh --> Processing Dependency: sh for package: ca-certificates-2019.2.32-1.oc00.noarch Searching pkgSack for dep: sh ca-certificates-2019.2.32-1.oc00.noarch requires: sh --> Processing Dependency: sh for package: ca-certificates-2019.2.32-1.oc00.noarch Searching pkgSack for dep: sh --> Running transaction check ---> Package ca-certificates.noarch 0:2019.2.32-1.oc00 will be an update ca-certificates-2019.2.32-1.oc00.noarch requires: sh --> Processing Dependency: sh for package: ca-certificates-2019.2.32-1.oc00.noarch Searching pkgSack for dep: sh ca-certificates-2019.2.32-1.oc00.noarch requires: sh --> Processing Dependency: sh for package: ca-certificates-2019.2.32-1.oc00.noarch Searching pkgSack for dep: sh ---> Package p11-kit-trust.pentium4 0:0.23.18.1-1.oc00 will be installed p11-kit-trust-0.23.18.1-1.oc00.pentium4 requires: tasn16.dll --> Processing Dependency: tasn16.dll for package: p11-kit-trust-0.23.18.1-1.oc00.pentium4 Searching pkgSack for dep: tasn16.dll Error: Package: ca-certificates-2019.2.32-1.oc00.noarch (netlabs-exp) Requires: sh TSINFO: Marking libtasn1-4.14-1.oc00.pentium4 as install for p11-kit-trust-0.23.18.1-1.oc00.pentium4 --> Running transaction check ---> Package ca-certificates.noarch 0:2019.2.32-1.oc00 will be an update ca-certificates-2019.2.32-1.oc00.noarch requires: sh --> Processing Dependency: sh for package: ca-certificates-2019.2.32-1.oc00.noarch Searching pkgSack for dep: sh ca-certificates-2019.2.32-1.oc00.noarch requires: sh --> Processing Dependency: sh for package: ca-certificates-2019.2.32-1.oc00.noarch Searching pkgSack for dep: sh ---> Package libtasn1.pentium4 0:4.14-1.oc00 will be installed --> Finished Dependency Resolution Dependency Process ending Depsolve time: 0.162 You could try using --skip-broken to work around the problem You could try running: rpm -Va --nofiles --nodigest
dash-sh is installed on the system, and both sh (symlink to /@unixroot/usr/bin/dash.exe) and sh.exe exist in /@unixroot/usr/bin.
Please advise as to where this should be reported if not here.
comment:6 by , 5 years ago
Severity: | medium → highest |
---|
comment:7 by , 5 years ago
Known fact already :) I forgot to upload a new dash package. Will do in monday i hope
comment:8 by , 5 years ago
Cc: | added |
---|
comment:9 by , 5 years ago
Resolution: | → fixed |
---|---|
Status: | reopened → closed |
Confirmed that the new dash package resolves the dependency for both i686 and pentium4. Thanks.
Still not sure where ca-certficates issues are supposed to be reported on github.
comment:10 by , 5 years ago
me neither atm :) we are creating some possibilities soon. while github is great, it also has some drawbacks. like not having the possibility to add tickets for private repos.
we figure out the best strategy for that atm.
Prior ca-certificates update ticket (with useful links): #105.