[Pkg-telepathy-maintainers] Bug#706094: telepathy-idle: does not verify TLS certificates properly
Simon McVittie
smcv at debian.org
Wed Apr 24 16:05:30 UTC 2013
On Wed, 24 Apr 2013 at 16:25:46 +0100, Simon McVittie wrote:
> telepathy-idle < 0.1.15 does not verify that the server's TLS certificate was
> issued by a trusted CA, or that it hasn't expired, or that it matches the
> server's hostname.
Here is a proposed patch for wheezy, either via t-p-u for wheezy r0 or
security/s-p-u for wheezy r1.
S
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-Validate-TLS-certificates-Closes-706094.patch
Type: text/x-diff
Size: 3135 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-telepathy-maintainers/attachments/20130424/a473abb0/attachment.patch>
More information about the Pkg-telepathy-maintainers
mailing list