Package: postgresql-client-9.1 Version: 9.1.2-4 Severity: normal psql doesn't try to verify the SSL certificate even if sslmode=required is specified, unless there is a .postgresql/root.crt file. I think it's an unsafe default.
-- System Information: Debian Release: wheezy/sid APT prefers testing APT policy: (600, 'testing'), (500, 'stable-updates'), (500, 'stable'), (50, 'unstable') Architecture: i386 (i686) Kernel: Linux 3.2.0-1-686-pae (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages postgresql-client-9.1 depends on: ii libc6 2.13-26 ii libedit2 2.11-20080614-3 ii libpq5 9.1.2-4 ii libssl1.0.0 1.0.0g-1 ii postgresql-client-common 128 ii zlib1g 1:1.2.3.4.dfsg-3 postgresql-client-9.1 recommends no packages. Versions of packages postgresql-client-9.1 suggests: pn postgresql-9.1 <none> pn postgresql-doc-9.1 <none> -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
