Antoine Beaupre wrote:
> tags -1 -unreproducible
>
> I can reproduce issues with certification verification in Emacs 24.5+1-8
> in Debian Stretch. As documented here:
>
> [...]
>
> I am not sure what changed between Emacs 24 and 25, but it seems to me
> Emacs 24 should absolutely be fixed before St
"Trent W. Buck" writes:
> Stretch currently has both emacs24 and emacs25,
> so is there any major downside to removing emacs24 from Stretch?
I think it would be fairly straightforward, though it might still
require a bit of work to fix the few reverse deps that dak didn't catch,
but Sean and I a
On 2017-02-23 12:41:05, Trent W. Buck wrote:
> Antoine Beaupre wrote:
>> tags -1 -unreproducible
>>
>> I can reproduce issues with certification verification in Emacs 24.5+1-8
>> in Debian Stretch. As documented here:
>>
>> [...]
>>
>> I am not sure what changed between Emacs 24 and 25, but it seem
[Summary: say the word and I (and Sean, I strongly suspect) will
immediately resume the (possibly minimal) work that remains before we
can remove emacs24 from stretch.]
Antoine Beaupre writes:
> I am not sure what changed between Emacs 24 and 25, but it seems to me
> Emacs 24 should absolutel
tags -1 -unreproducible
I can reproduce issues with certification verification in Emacs 24.5+1-8
in Debian Stretch. As documented here:
https://glyph.twistedmatrix.com/2015/11/editor-malware.html
The following script will yield an error:
(let ((bad-hosts
(cl-loop for bad
in
tags +unreproducible
thanks
Rob Browning writes:
> Nathaniel Smith writes:
>
>> And sometimes I've even had it fail on https://wrong.host.badssl.com
>> after setting this (but not always). However, it always happily loads
>> https://self-signed.badssl.com, which means it's providing no
>> prot
Nathaniel Smith writes:
> And sometimes I've even had it fail on https://wrong.host.badssl.com
> after setting this (but not always). However, it always happily loads
> https://self-signed.badssl.com, which means it's providing no
> protection at all against MITM attacks.
So with 24.5+1-6+b2, r
On Fri, Feb 26, 2016 at 09:34:33PM -0800, Nathaniel Smith wrote:
> Package: emacs24
> Version: 24.5+1-6+b1
> Severity: serious
> Tags: security
> Justification: 5(b) of https://release.debian.org/testing/rc_policy.txt
>
> Debian's emacs builds are linked against gnutls:
>
> (gnutls-available-p)
>
Package: emacs24
Version: 24.5+1-6+b1
Severity: serious
Tags: security
Justification: 5(b) of https://release.debian.org/testing/rc_policy.txt
Debian's emacs builds are linked against gnutls:
(gnutls-available-p)
t
By default, they aren't configured to validate TLS certificates,
leaving users op
9 matches
Mail list logo
