Package: gajim Version: 0.11.2-1 Severity: normal gajim does not validate server SSL/TLS certificates. This can negate a large part of the benefit of using SSL/TLS and makes gajim vulnerable to man-in-the-middle attacks.
psi performs these validations correctly. -- System Information: Debian Release: lenny/sid APT prefers unstable APT policy: (500, 'unstable'), (99, 'experimental') Architecture: i386 (i686) Kernel: Linux 2.6.22-2-686 (SMP w/2 CPU cores) Locale: LANG=C, LC_CTYPE=en_US (charmap=ISO-8859-1) Shell: /bin/sh linked to /bin/bash Versions of packages gajim depends on: ii python 2.4.4-6 An interactive high-level object-o ii python-glade2 2.12.0-1 GTK+ bindings: Glade support ii python-gtk2 2.12.0-1 Python bindings for the GTK+ widge ii python-pysqlite2 2.3.5-1 python interface to SQLite 3 ii python-support 0.7.4 automated rebuilding support for p Versions of packages gajim recommends: ii dbus 1.1.1-3 simple interprocess messaging syst ii dnsutils 1:9.4.1-P1-3 Clients provided with BIND ii notification-daemon 0.3.7-1+b1 a daemon that displays passive pop ii python-dbus 0.82.3-1 simple interprocess messaging syst ii python-gnupginterface 0.3.2-9 Python interface to GnuPG (GPG) -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
