[Pkg-xmpp-devel] Bug#851997: No TLS encryption possible
Karsten Malcher
debian at decotrain.de
Fri Jan 20 16:40:30 UTC 2017
Package: jabberd2
Version: 2.4.0-1~bpo8+1
Justification: user security hole
Severity: grave
Tags: security
I am sorry to report this, but the users of jabberd2 should now that there is no encryption possible with this package.
An configuration with encryption settings is ignored and an unencrypted connection is opened without warnings.
I could verify this in an wireshark session.
Wasting many time to get it running with a working TLS i had to give up.
There is no interest from the developer to solve the problem.
Please refer to this bugs that include further links:
https://github.com/jabberd2/jabberd2/issues/137
https://github.com/jabberd2/jabberd2/issues/141
Regards
Karsten
More information about the Pkg-xmpp-devel
mailing list