Package: mail-notification Version: 4.0.dfsg.1-1+b1 Severity: important mail-notification falls back to unencrypted connections even when the user has configured a connection to use SSL/TLS. mail-notification will send a user's password over an insecure connection and it can easily be sniffed.
It should be clear to the user that SSL/TLS connections are not possible and there should be no fallback to insecure connections. This is somewhat related to bug #286672 (Can't use SSL/TLS). -- System Information: Debian Release: lenny/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: i386 (i686) Kernel: Linux 2.6.18-4-k7 (SMP w/1 CPU core) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages mail-notification depends on: ii gnome-icon-theme 2.18.0-3 GNOME Desktop icon theme ii libart-2.0-2 2.3.19-3 Library of functions for 2D graphi ii libatk1.0-0 1.18.0-2 The ATK accessibility toolkit ii libbonobo2-0 2.18.0-2 Bonobo CORBA interfaces library ii libbonoboui2-0 2.18.0-5 The Bonobo UI library ii libc6 2.5-10 GNU C Library: Shared libraries ii libcairo2 1.4.6-1.1 The Cairo 2D vector graphics libra ii libdbus-1-3 1.0.2-5 simple interprocess messaging syst ii libdbus-glib-1-2 0.73-2 simple interprocess messaging syst ii libeel2-2.18 2.18.0.1-2 Eazel Extensions Library (for GNOM ii libfontconfig1 2.4.2-1.2 generic font configuration library ii libfreetype6 2.2.1-6 FreeType 2 font engine, shared lib ii libgail-common 1.18.0-2 GNOME Accessibility Implementation ii libgail18 1.18.0-2 GNOME Accessibility Implementation ii libgconf2-4 2.18.0.1-3 GNOME configuration database syste ii libglade2-0 1:2.6.0-4 library to load .glade files at ru ii libglib2.0-0 2.12.12-1 The GLib library of C routines ii libgmime-2.0-2 2.2.9-1 MIME library, unstable version ii libgnome-keyring0 0.8.1-2 GNOME keyring services library ii libgnome2-0 2.18.0-4 The GNOME 2 library - runtime file ii libgnomecanvas2-0 2.14.0-2 A powerful object-oriented display ii libgnomeui-0 2.18.1-2 The GNOME 2 libraries (User Interf ii libgnomevfs2-0 1:2.18.1-2 GNOME Virtual File System (runtime ii libgtk2.0-0 2.10.12-2 The GTK+ graphical user interface ii libice6 1:1.0.3-2 X11 Inter-Client Exchange library ii libnotify1 [libnotify1 0.4.4-3 sends desktop notifications to a n ii liborbit2 1:2.14.7-0.1 libraries for ORBit2 - a CORBA ORB ii libpango1.0-0 1.16.4-1 Layout and rendering of internatio ii libpng12-0 1.2.15~beta5-2 PNG library - runtime ii libpopt0 1.10-3 lib for parsing cmdline parameters ii libsasl2-2 2.1.22.dfsg1-8+b1 Authentication abstraction library ii libsm6 2:1.0.3-1 X11 Session Management library ii libx11-6 2:1.0.3-7 X11 client-side library ii libxcursor1 1:1.1.8-2 X cursor management library ii libxext6 1:1.0.3-2 X11 miscellaneous extension librar ii libxfixes3 1:4.0.3-2 X11 miscellaneous 'fixes' extensio ii libxi6 1:1.0.1-4 X11 Input extension library ii libxinerama1 1:1.0.2-1 X11 Xinerama extension library ii libxml2 2.6.28.dfsg-1 GNOME XML library ii libxrandr2 2:1.2.1-1 X11 RandR extension library ii libxrender1 1:0.9.2-1 X Rendering Extension client libra ii zlib1g 1:1.2.3-15 compression library - runtime mail-notification recommends no packages. -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
