Bug#706142: tpu (or pu): telepathy-idle/0.1.11-2+deb7u1

To: Simon McVittie <smcv@debian.org>, 706142@bugs.debian.org
Subject: Bug#706142: tpu (or pu): telepathy-idle/0.1.11-2+deb7u1
From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Date: Sat, 11 May 2013 17:58:06 +0100
Message-id: <[🔎] 1368291486.7990.41.camel@jacala.jungle.funky-badger.org>
Reply-to: "Adam D. Barratt" <adam@adam-barratt.org.uk>, 706142@bugs.debian.org
In-reply-to: <20130425114758.GA1382@reptile.pseudorandom.co.uk>
References: <20130425114758.GA1382@reptile.pseudorandom.co.uk>

Control: tags -1 + confirmed

On Thu, 2013-04-25 at 12:47 +0100, Simon McVittie wrote:
> The version of telepathy-idle in wheezy does not validate IRC servers'
> SSL certificates when used with SSL (#706094, CVE ID requested).
> 
> The version in sid was already newer than wheezy, so I uploaded the
> fixed upstream version there directly. For wheezy, I suggest a more minimal
> patch (attached) - this breaks a regression test which uses a pre-generated
> self-signed certificate, but we don't run those tests in Debian anyway.

+telepathy-idle (0.1.11-2+deb7u1) UNRELEASED; urgency=low
+
+  * Validate TLS certificates (Closes: #706094)
+
+ -- Simon McVittie <smcv@debian.org>  Wed, 24 Apr 2013 16:43:37 +0100

Please go ahead with an upload for stable.

Regards,

Adam

Reply to:

Follow-Ups:
- Bug#706142: tpu (or pu): telepathy-idle/0.1.11-2+deb7u1
  - From: "Adam D. Barratt" <adam@adam-barratt.org.uk>

Prev by Date: Bug#697751: pu: package gdm3/2.30.5-6squeeze5
Next by Date: Processed: Re: Bug#706142: tpu (or pu): telepathy-idle/0.1.11-2+deb7u1
Previous by thread: Processed: Re: Bug#697751: pu: package gdm3/2.30.5-6squeeze5
Next by thread: Processed: Re: Bug#706142: tpu (or pu): telepathy-idle/0.1.11-2+deb7u1
Index(es):
- Date
- Thread