[Pkg-telepathy-maintainers] Bug#706094: telepathy-idle: does not verify TLS certificates properly

Simon McVittie smcv at debian.org
Wed Apr 24 15:25:46 UTC 2013


Package: telepathy-idle
Version: 0.1.6-1
Severity: important
Tags: upstream

telepathy-idle < 0.1.15 does not verify that the server's TLS certificate was
issued by a trusted CA, or that it hasn't expired, or that it matches the
server's hostname.

Additionally, telepathy-idle < 0.1.11 does not do any verification at all.

    S



More information about the Pkg-telepathy-maintainers mailing list