Package: pidgin-otr Version: 3.2.0-4 Severity: important
pidgin-otr has a configuration to disable logging in the plugin preferences. This configuration appears to be disabled by default, so that conversations will be logged by default. The whole point of Off-the-Record is to avoid keeping a record of conversations, so this default is wrong, insecure. -- System Information: Debian Release: squeeze/sid APT prefers testing APT policy: (500, 'testing'), (500, 'stable') Architecture: i386 (x86_64) Kernel: Linux 2.6.30.5 Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Shell: /bin/sh linked to /bin/bash Versions of packages pidgin-otr depends on: ii libc6 2.9-25 GNU C Library: Shared libraries ii libgcrypt11 1.4.4-4 LGPL Crypto library - runtime libr ii libotr2 3.2.0-1 Off-the-Record Messaging library ii pidgin 2.6.2-1 graphical multi-protocol instant m pidgin-otr recommends no packages. pidgin-otr suggests no packages. -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org