certspotter (0.18.0-1) unstable; urgency=medium * New upstream release. -- Faidon Liambotis Fri, 17 Nov 2023 18:00:34 +0200 certspotter (0.17.0-1) unstable; urgency=medium * New upstream release. - Drop build-dep on golang-golang-x-exp-dev, dropped upstream. -- Faidon Liambotis Fri, 27 Oct 2023 17:39:41 +0300 certspotter (0.16.0-1) unstable; urgency=medium * New upstream release. - Bugfix release targeted for bookworm (upstream #69). - Restores email functionality through /etc/certspotter/email_recipients. * Remove /usr/libexec/certspotter-script, as the "hooks.d" functionality was implemented natively by upstream. -- Faidon Liambotis Sat, 25 Feb 2023 02:13:53 +0200 certspotter (0.15.1-1) unstable; urgency=medium * New upstream release. - Drop patch -Xmain.Version patch, merged upstream. - No other upstream changes. -- Faidon Liambotis Tue, 14 Feb 2023 17:08:50 +0200 certspotter (0.15.0-1) unstable; urgency=medium * New upstream release. - certspotter is now a daemon; drop the systemd timer. - The experimental -script interface has been reworked, and different variables are now present. Notably, this resolves some security considerations, as described by upstream in upstream issue #63. - Upstream changes broke --version in the Debian package, so add upstream patch to allow debian/rules to set the version through Go's ldflags. - Remove debian/man, as the manpages are now merged upstream. * Add new build dependencies golang-golang-x-exp-dev and golang-golang-x-sync-dev as required by the new upstream release. * Bump Standards-Version to 4.6.2, no changes needed. -- Faidon Liambotis Thu, 09 Feb 2023 15:28:24 +0200 certspotter (0.14.0-1) unstable; urgency=medium * New upstream release. - Drop Build-Depends on golang-github-mreiferson-go-httpclient-dev, as this has been dropped upstream. - Update d/control with adjusted upstream description. * Restore uscan functionality, by updating d/watch to track upstream tags, rather than GitHub releases, which are seemingly non-existent. * Golang packaging updates: - Switch Build-Depends from dh-golang to dh-sequence-golang. - Switch from Built-Using to the newer Static-Built-Using. * Add a dependency on ca-certificates, necessary because all CT logs are accessible (only) over HTTPS. * Add certspotter(8) and certspotter-script(8) manpages, based on existing documentation in README, --help, as well as some amount of own work, through looking at the code. Written in Markdown, and converted using lowdown (a new build dependency), unless the "nodoc" profile or build option is configured. * Provide a better out of the box experience for certspotter, by shipping a systemd service and timer. This includes: - Adding a new system user and group, _certspotter, through sysusers.d. - Placing certspotter configuration files in LSB locations, namely /etc/certspotter and /var/cache/certspotter. - Creating a new /usr/libexec/certspotter-script helper, which calls run-parts on /etc/certspotter/hooks.d, as to be able to provide a polished way for users to run scripts. (Especially given systemd timers, unlike cron, do not email by default). - Provisioning a fairly contained (but not too-contained) systemd service, and a timer to run certspotter on an hourly basis. - Documenting some of the gotchas in README files and comments on the watchlist, and taking special care as to NOT enable the service unless the user has explicitly configured domains to be monitored. * Drop the submitct binary from the package. It's undocumented in both documentation and in its --help, and only potentially useful in certain niche application, none of which I'm aware. If this is useful to anyone, please file a bug report so that we can document it and ship it again. * Switch to the "net" Section, as it is more appropriate than "devel". * Add a couple of autopkgtests: one superficial and offline, just to ensure the binary runs, and another that is online and tests against the production CT logs. * Bump Standards-Version to 4.6.1, no further changes needed. -- Faidon Liambotis Sun, 08 Jan 2023 19:38:06 +0200 certspotter (0.10-1) unstable; urgency=medium * New upstream release. - Drop patch remove-symantec, fixed upstream. * Build with hardening flags. * Add Rules-Requires-Root: no to build without (fake)root. * Set debhelper-compat version in Build-Depends. * Bump debhelper compatibility version to 13. * Bump Standards-Version to 4.5.1. * Bump watch file to version 4. * Set upstream metadata fields. -- Faidon Liambotis Sun, 10 Jan 2021 03:23:16 +0200 certspotter (0.9-2) unstable; urgency=medium * Team upload. [ Stephen Gelman ] * Add upstream patch to remove Symantec CT log servers (Closes: #912146) [ Jelmer Vernooij ] * Use secure copyright file specification URI. -- Stephen Gelman Mon, 29 Oct 2018 11:44:04 -0500 certspotter (0.9-1) unstable; urgency=medium [ Faidon Liambotis ] * New upstream release. (Closes: #900056) * Bump Standards-Version to 4.1.4, no changes needed. [ Alexandre Viau ] * Point Vcs-* urls to salsa.debian.org. -- Faidon Liambotis Sat, 26 May 2018 18:42:11 +0300 certspotter (0.8-1) unstable; urgency=medium * New upstream release. * Bump Standards-Version to 4.1.2, no changes needed. * Adjust long description to make it less advertising-like. Thanks to Chris Lamb for the suggestion. -- Faidon Liambotis Wed, 27 Dec 2017 01:51:13 +0200 certspotter (0.5-1) unstable; urgency=medium * New upstream release. * Bump Standards-Version to 4.0.0, no changes needed. -- Faidon Liambotis Mon, 19 Jun 2017 18:27:55 +0300 certspotter (0.3-1) unstable; urgency=medium * Initial release (Closes: #851940) -- Faidon Liambotis Tue, 21 Feb 2017 04:29:53 +0200