[Pkg-xmpp-devel] Bug#987876: Gajim update invalidates encryption settings
Patrick Schleizer
adrelanos at whonix.org
Sat May 1 10:00:13 BST 2021
Package: gajim
Severity: important
X-Debbugs-CC: whonix-devel at whonix.org
Quote https://dev.gajim.org/gajim/gajim/-/issues/10527
> Steps to reproduce:
>
> Configure gajim to encrypt messages using OMEMO to a specific contact
> Update Gajim to 1.3.1
> Restart Gajim, update the plugins
> Try to send a message
> Expected outcome: the message is encrypted, encryption settings are "OMEMO"
> Actual outcome: the message is not encrypted, encryption settings are "unencrypted"
>
> This is a security issue, because users might send messages thinking they're going to be encrypted, unaware of the fact that the upgrade reset the encryption settings.
More information about the Pkg-xmpp-devel
mailing list