Hi Dominic On Thu, Dec 09, 2010 at 05:15:41PM +0000, Dominic Hargreaves wrote: > Has anyone checked to see whether this security issue applies to stable?
Not yet checked, at least me, so far I have done only first unstable, now t-p-u upload. I add Moritz, in case he already did? In lenny we have: ---(snip)--------------------------------------------------------------- my $verify_mode = $arg_hash->{SSL_verify_mode}; unless ($verify_mode == Net::SSLeay::VERIFY_NONE()) { Net::SSLeay::CTX_load_verify_locations( $ctx, $arg_hash->{SSL_ca_file},$arg_hash->{SSL_ca_path} ) || return IO::Socket::SSL->error("Invalid certificate authority locations"); } ------------------------------------------------------------------------ So here we do not change the verify_mode. So IMHO lenny should be ok, right? Bests Salvatore
signature.asc
Description: Digital signature