Control: severity -1 minor

On Mon, Feb  5, 2024 at 10:19:10 +0800, Paul Wise wrote:

> I noticed that there is one expired certificate in ca-certificates:
> 
>    $ cat test
>    now=$(date -u)
>    date -d "$now"
>    now="$(date -d "$now" +%s)"
>    for f in /usr/share/ca-certificates/mozilla/* ; do
>     date="$(openssl x509 -enddate -noout -in "$f" | cut -d= -f2)"
>     d="$(date -d "$date" +%s)"
>     if [ $((d<=now)) -eq 1 ] ; then
>      echo Expired: $f $date $d $now
>     fi
>    done
>    $ sh test
>    Mon 05 Feb 2024 10:13:46 AWST
>    Expired: 
> /usr/share/ca-certificates/mozilla/Security_Communication_Root_CA.crt Sep 30 
> 04:20:49 2023 GMT 1696047649 1707099226
> 
> It might be a good idea to add an autopkgtest to check them.
> 
It doesn't actually matter, though, and it'll be gone next time we pull
from mozilla.

Cheers,
Julien

Reply via email to