Hi Tomasz,
Tomasz Buchert writes:
> it seems unlikely that we will be able to fix this for stretch. This
> would require a new package upload and this is already a
> no-go. Personally I think that forking libstrophe in the first place
> was not a great idea, but I may lack some context.
Ok, is
Package: profanity
Severity: grave
Tags: security
Justification: user security hole
Dear Maintainer,
Profanity is not built against libmesode[1]. Libmesode is a fork of
libstrophe that allows to validate the certificate chain. Upstream bug
#280 provides more information[2]. Libmesode doesn't
2 matches
Mail list logo
