diff options
author | dpash <dpash@dbcabf3a-b0e7-0310-adc4-f8d773084564> | 2005-07-17 16:40:28 +0000 |
---|---|---|
committer | dpash <dpash@dbcabf3a-b0e7-0310-adc4-f8d773084564> | 2005-07-17 16:40:28 +0000 |
commit | 9d609752be72d093c942e53064333440b30105e5 (patch) | |
tree | 4720d89c0bfbdfe1957fa087d83ecbc619212747 /debian | |
parent | a72e65d9edc7bcc056dc8be8828f0bd9dd9dbb7c (diff) | |
download | irssi-9d609752be72d093c942e53064333440b30105e5.zip |
Warn people about the lack of certificate verification in the gnutls
code.
git-svn-id: http://svn.irssi.org/repos/irssi/trunk@3863 dbcabf3a-b0e7-0310-adc4-f8d773084564
Diffstat (limited to 'debian')
-rw-r--r-- | debian/NEWS.Debian | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/debian/NEWS.Debian b/debian/NEWS.Debian new file mode 100644 index 00000000..e6a5aafa --- /dev/null +++ b/debian/NEWS.Debian @@ -0,0 +1,12 @@ +irssi (0.8.10~rc5-1) unstable; urgency=low + + * This package has the beginnings of GNUTLS support for SSL rather + than the upstream OpenSSL code. This may have many bugs in and is + not feature complete. In particular it does not support verification + of the server's certificate. As a result the connection is vunerable + to man in the middle attack. This is only a regression if you use + the -cafile or -capath options to /connect. The data is still + encrypted. + + -- David Pashley <david@davidpashley.com> Sun, 17 Jul 2005 19:39:37 +0300 + |