[Pkg-giraffe-discuss] Bug#812969: libvmime: FTBFS: net_tls_TLSSession.cpp:120:38: error: 'gnutls_certificate_type_set_priority' was not declared in this scope
Carsten Schoenert
c.schoenert at t-online.de
Sat Feb 6 11:17:00 UTC 2016
Hello,
as there are no objections I plan to upload a version 0.9.1-5 this
weekend with the modifications from the previous email.
Hopefully we will see a version 0.9.2 of libvmime in the near future
with some security related fixes.
Am 02.02.2016 um 22:22 schrieb Carsten Schoenert:
> Hello,
>
> Am 02.02.2016 um 07:41 schrieb Carsten Schoenert:
> [...]
>> Yes please please do so!
>> We need a actual version of libvmime! As written on my email to Peter
>> Green, I can't really understand why there is no new release since 2010
>> by the background of the Snowden papers. Providing no security updates
>> will users switch to better handled packages.
>
> based on the message from Andreas Metzler, the debdiff from Peter Green
> and some reading on the GnuTLS website I came to the conclusion that
> removing all the insecure stuff from 'src/net/tls/TLSSession.cpp' and
> using the GnuTLS default setting is the best solution for now. I have
> taken the changes from peter Green and made a patch based on that for
> the patch queue.
> I did some more minor tweaks to the build and pushed this small update
> in all on my GitHub tree for libvmime:
>
> https://github.com/tijuca/libvmime/commits/debian/sid
>
> By this changes the package build is working again in unstable. Lintian
> is still complaining about hardening issues, but these are marked as
> informative and need some deeper investigating in the old Autotool files
> I'm currently not willing to do.
>
> Any objections critics on getting further?
>
--
Regards
Carsten Schoenert
More information about the Pkg-giraffe-discuss
mailing list