diff options
author | Simon McVittie <simon.mcvittie@collabora.co.uk> | 2013-05-30 12:55:31 +0100 |
---|---|---|
committer | Simon McVittie <simon.mcvittie@collabora.co.uk> | 2013-05-30 12:55:31 +0100 |
commit | 880a75bbf354d48a706c56afafd381040a1d9de8 (patch) | |
tree | d19d27821d7f70646ceeb722cd336f463459d6bc /NEWS | |
parent | 3157284e58195cab12a404752f7d96e3c4ea650b (diff) | |
parent | 84a20687c54c84aa61c9f3a606c8eb3bd14a8544 (diff) |
Merge branch 'telepathy-gabble-0.16'
Conflicts:
NEWS
configure.ac
lib/ext/wocky
Diffstat (limited to 'NEWS')
-rw-r--r-- | NEWS | 15 |
1 files changed, 15 insertions, 0 deletions
@@ -1,11 +1,26 @@ telepathy-gabble 0.17.4 (UNRELEASED) ==================================== +This release fixes the same man-in-the-middle attack as 0.16.6. + +If you use an unencrypted connection to a "legacy Jabber" (pre-XMPP) +server, this version of Gabble will not connect until you make +one of these configuration changes: + +• upgrade the server software to something that supports XMPP 1.0; or +• use an encrypted "old SSL" connection, typically on port 5223 (old-ssl); or +• turn off "Encryption required (TLS/SSL)" (require-encryption) + Fixes: • update Wocky: · fd.o #61792: fix linking an example program with ld versions that default to --no-copy-dt-needed-entries + · fd.o #65036 (CVE-2013-1431): update Wocky to respect the tls-required + flag on legacy Jabber servers + +• fd.o #63119: improve regression tests' isolation from the session bus + (Simon) telepathy-gabble 0.17.3 (2013-03-01) ==================================== |