Hi Dominic On Thu, Dec 09, 2010 at 05:15:41PM +0000, Dominic Hargreaves wrote: > Has anyone checked to see whether this security issue applies to stable?
Not yet checked, at least me, so far I have done only first unstable,
now t-p-u upload. I add Moritz, in case he already did?
In lenny we have:
---(snip)---------------------------------------------------------------
my $verify_mode = $arg_hash->{SSL_verify_mode};
unless ($verify_mode == Net::SSLeay::VERIFY_NONE()) {
Net::SSLeay::CTX_load_verify_locations(
$ctx, $arg_hash->{SSL_ca_file},$arg_hash->{SSL_ca_path}
) || return IO::Socket::SSL->error("Invalid certificate authority
locations");
}
------------------------------------------------------------------------
So here we do not change the verify_mode. So IMHO lenny should be ok,
right?
Bests
Salvatore
signature.asc
Description: Digital signature
