Outdated ca-certificates
asked 2016-08-21 12:03:25 +0200
@Federico is right, it is an issue worth separate question.
Package ca-certificates in SailfishOS has version 2014.2.1, meaning it's outdated by 2 years. It is a security issue, as SailfishOS will still trust certificates revoked since then (due to being compromised among other reasons).
Along with tzdata package, it requires regular updates, as certificates are being issued and revoked quite often, new CAs come (Let's Encrypt went into beta in 2015).
It is possible installing ca-certificates from CentOS will work fine, but I haven't tested it yet. Latest rpm can be fund here — http://mirror.centos.org/centos/6/os/i386/Packages/ca-certificates-2015.2.6-65.0.1.el6_7.noarch.rpm
Please note it's marked 2015, so it is still a bit outdated too. Newer are in Debian Sid and latest Fedora, so it can be considered testing.
According to mer gitlab (https://git.merproject.org/mer-core/ca-certificates), they're using Fedora as upstream for ca-certificates. Looks like it does not have a maintainer.
Fenuks ( 2016-08-29 09:37:22 +0200 )editI've contanted mer-project regarding this, hope they can fix it and/or find a maintainer.