From fd9b8c94f070b2c318fbfa3c42d4986f364c74c4 Mon Sep 17 00:00:00 2001
From: CentOS Sources <bugs@centos.org>
Date: Tue, 7 Dec 2021 13:43:54 -0500
Subject: [PATCH] import ca-certificates-2020.2.50-94.el9

---
 SOURCES/update-ca-trust.8.txt |  6 +++---
 SPECS/ca-certificates.spec    | 17 ++++++++---------
 2 files changed, 11 insertions(+), 12 deletions(-)

diff --git a/SOURCES/update-ca-trust.8.txt b/SOURCES/update-ca-trust.8.txt
index 93143da..5886cb5 100644
--- a/SOURCES/update-ca-trust.8.txt
+++ b/SOURCES/update-ca-trust.8.txt
@@ -98,13 +98,13 @@ subdirectory in the /etc hierarchy.
 * add it as a new file to directory /etc/pki/ca-trust/source/anchors/
 * run 'update-ca-trust extract'
 
-.*QUICK HELP 2*: If your certificate is in the extended BEGIN TRUSTED file format (which may contain distrust/blacklist trust flags, or trust flags for usages other than TLS) then:
+.*QUICK HELP 2*: If your certificate is in the extended BEGIN TRUSTED file format (which may contain distrust/blocklist trust flags, or trust flags for usages other than TLS) then:
 * add it as a new file to directory /etc/pki/ca-trust/source/
 * run 'update-ca-trust extract'
 
 .In order to offer simplicity and flexibility, the way certificate files are treated depends on the subdirectory they are installed to.
 * simple trust anchors subdirectory: /usr/share/pki/ca-trust-source/anchors/ or /etc/pki/ca-trust/source/anchors/
-* simple blacklist (distrust) subdirectory: /usr/share/pki/ca-trust-source/blacklist/ or /etc/pki/ca-trust/source/blacklist/
+* simple blocklist (distrust) subdirectory: /usr/share/pki/ca-trust-source/blocklist/ or /etc/pki/ca-trust/source/blocklist/
 * extended format directory: /usr/share/pki/ca-trust-source/ or /etc/pki/ca-trust/source/
 
 .In the main directories /usr/share/pki/ca-trust-source/ or /etc/pki/ca-trust/source/ you may install one or multiple files in the following file formats:
@@ -134,7 +134,7 @@ you may install one or multiple certificates in either the DER file
 format or in the PEM (BEGIN/END CERTIFICATE) file format.
 Each certificate will be treated as *trusted* for all purposes.
 
-In the blacklist subdirectories /usr/share/pki/ca-trust-source/blacklist/ or /etc/pki/ca-trust/source/blacklist/
+In the blocklist subdirectories /usr/share/pki/ca-trust-source/blocklist/ or /etc/pki/ca-trust/source/blocklist/
 you may install one or multiple certificates in either the DER file
 format or in the PEM (BEGIN/END CERTIFICATE) file format.
 Each certificate will be treated as *distrusted* for all purposes.
diff --git a/SPECS/ca-certificates.spec b/SPECS/ca-certificates.spec
index 50a6289..3d83899 100644
--- a/SPECS/ca-certificates.spec
+++ b/SPECS/ca-certificates.spec
@@ -38,7 +38,7 @@ Name: ca-certificates
 Version: 2020.2.50
 # for y-stream, please always use 91 <= release  < 100 (91,92,93)
 # for z-stream release branches, please use 90 <= release  < 91 (90.0, 90.1, ...)
-Release: 93%{?dist}
+Release: 94%{?dist}
 License: Public Domain
 
 URL: https://fedoraproject.org/wiki/CA-Certificates
@@ -71,10 +71,10 @@ Requires(post): coreutils
 Requires: bash
 Requires: grep
 Requires: sed
-Requires(post): p11-kit >= 0.23.19
-Requires(post): p11-kit-trust >= 0.23.19
-Requires: p11-kit >= 0.23.19
-Requires: p11-kit-trust >= 0.23.19
+Requires(post): p11-kit >= 0.24
+Requires(post): p11-kit-trust >= 0.24
+Requires: p11-kit >= 0.24
+Requires: p11-kit-trust >= 0.24
 
 BuildRequires: perl-interpreter
 BuildRequires: python3
@@ -185,7 +185,6 @@ mkdir -p -m 755 $RPM_BUILD_ROOT%{_sysconfdir}/ssl
 mkdir -p -m 755 $RPM_BUILD_ROOT%{catrustdir}/source
 mkdir -p -m 755 $RPM_BUILD_ROOT%{catrustdir}/source/anchors
 mkdir -p -m 755 $RPM_BUILD_ROOT%{catrustdir}/source/blocklist
-mkdir -p -m 755 $RPM_BUILD_ROOT%{catrustdir}/source/blacklist
 mkdir -p -m 755 $RPM_BUILD_ROOT%{catrustdir}/extracted
 mkdir -p -m 755 $RPM_BUILD_ROOT%{catrustdir}/extracted/pem
 mkdir -p -m 755 $RPM_BUILD_ROOT%{catrustdir}/extracted/openssl
@@ -194,7 +193,6 @@ mkdir -p -m 755 $RPM_BUILD_ROOT%{catrustdir}/extracted/edk2
 mkdir -p -m 755 $RPM_BUILD_ROOT%{_datadir}/pki/ca-trust-source
 mkdir -p -m 755 $RPM_BUILD_ROOT%{_datadir}/pki/ca-trust-source/anchors
 mkdir -p -m 755 $RPM_BUILD_ROOT%{_datadir}/pki/ca-trust-source/blocklist
-mkdir -p -m 755 $RPM_BUILD_ROOT%{_datadir}/pki/ca-trust-source/blacklist
 mkdir -p -m 755 $RPM_BUILD_ROOT%{_datadir}/pki/ca-trust-legacy
 mkdir -p -m 755 $RPM_BUILD_ROOT%{_bindir}
 mkdir -p -m 755 $RPM_BUILD_ROOT%{_mandir}/man8
@@ -344,7 +342,6 @@ fi
 %dir %{catrustdir}/source
 %dir %{catrustdir}/source/anchors
 %dir %{catrustdir}/source/blocklist
-%dir %{catrustdir}/source/blacklist
 %dir %{catrustdir}/extracted
 %dir %{catrustdir}/extracted/pem
 %dir %{catrustdir}/extracted/openssl
@@ -353,7 +350,6 @@ fi
 %dir %{_datadir}/pki/ca-trust-source
 %dir %{_datadir}/pki/ca-trust-source/anchors
 %dir %{_datadir}/pki/ca-trust-source/blocklist
-%dir %{_datadir}/pki/ca-trust-source/blacklist
 %dir %{_datadir}/pki/ca-trust-legacy
 
 %config(noreplace) %{catrustdir}/ca-legacy.conf
@@ -399,6 +395,9 @@ fi
 
 
 %changelog
+* Mon Nov 1 2021 Bob Relyea <rrelyea@redhat.com> - 2020.2.50-94
+- remove blacklist directory and references now that p11-kit has been updated.
+
 * Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 2020.2.50-93
 - Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
   Related: rhbz#1991688