If what you say is correct, then most Pidgin installations are not verifying certificates correctly and this isn't just a Debian problem. Any patch needs to address the real issue, especially since upstream has discouraged using GNUTLS.
Miron Cuperman wrote: > I believe this bug was introduced with the "fix" for bug #401567. > > At that time, the SSL implementation was changed from GNUTLS to NSS. > Unfortunately, the NSS plugin in pidgin does no certificate checking at > all, meaning that any certificate is accepted (including malformed or > self-signed ones). -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
