[Pkg-telepathy-maintainers] Bug#706094: telepathy-idle: does not verify TLS certificates properly
Simon McVittie
smcv at debian.org
Wed Apr 24 15:25:46 UTC 2013
Package: telepathy-idle
Version: 0.1.6-1
Severity: important
Tags: upstream
telepathy-idle < 0.1.15 does not verify that the server's TLS certificate was
issued by a trusted CA, or that it hasn't expired, or that it matches the
server's hostname.
Additionally, telepathy-idle < 0.1.11 does not do any verification at all.
S
More information about the Pkg-telepathy-maintainers
mailing list