-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 The “repeated gas boiler replacement” release.
tarball: http://telepathy.freedesktop.org/releases/telepathy-gabble/telepathy-gabble-0.16.6.tar.gz signature: http://telepathy.freedesktop.org/releases/telepathy-gabble/telepathy-gabble-0.16.6.tar.gz.asc git: http://cgit.freedesktop.org/telepathy/telepathy-gabble This release fixes a man-in-the-middle attack. You should upgrade. If you use an unencrypted connection to a "legacy Jabber" (pre-XMPP) server, this version of Gabble will not connect until you make one of these configuration changes: • upgrade the server software to something that supports XMPP 1.0; or • use an encrypted "old SSL" connection, typically on port 5223 (old-ssl); or • turn off "Encryption required (TLS/SSL)" (require-encryption) Fixes: • fd.o #65036 (CVE-2013-1431): update Wocky to respect the tls-required flag on legacy Jabber servers (Simon) • fd.o #63119: improve regression tests' isolation from the session bus (Simon) -----BEGIN PGP SIGNATURE----- iQIVAwUBUadoB03o/ypjx8yQAQgVBA/+JeR8cGRmL0jgx5GxUOy34B6YrJ2eemwU m8HwX2eX2F5Beng9bgSDubuxRqiBmsrl4igTJDuQQFZJBx3AjpMjRq9sJpxUZxH9 Dk55kiReL1vzVkW6El7T7ehON3E3h5x5q92Ew9Hf8rjqLlbQXX7qKkvqM0eyBGi3 iOIO21j6Rz5dzesdgmagqzhC51mei42a0E7jFO0uclsPMjCVhILEg0NzOnoV48hC 1OTDX4cZtAxuarhgtESHNv2tMjENJYsusN9d24mKUewk/ko0UvjRAeXwLSutCaEY BMQvAIeqJ/o4ytCekaekATbsHdP0HLiGWOPJHsRXSymfoSC7V85e5b4Vyh1uaDHG WOYdEoVKAMXDQ2YsA2p4IvUJ1s+myI8CsLsJeXPLz7sdMtTcoXrn6EqCi7NMj2z5 ycTlL9IKWsptzEHoJlvewqZiM/6X1FH9Sc/jVWzMeCRGx/vpbeHKCqNCYHNzNHuc oNDc3C35CgWYqwTznPPh9mUd8DB2M1uOh+XW5aRs6Tr0qxNeoCkeUYamuv3k0xyh LW+zrGNjfleKVh6SP/q/K0Xq6VZA46e56nZ/cP8cRy9llCqD5Yb69WNDXesG4L9W xivReWRjBocLGW85nUNPqTr5M0k9x+ILkIMhVDFfNBa1oDj0dd1SDqS/R+M9Vhkm FKrCYnOOyzw= =lwMH -----END PGP SIGNATURE----- _______________________________________________ telepathy mailing list telepathy@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/telepathy