viq <[email protected]> writes: > On Mon, Dec 15, 2014 at 12:41 AM, viq <[email protected]> wrote: >> http://sleekxmpp.com/ > > And it usually works better with a tarball attached.
I think - I don't use XMPP - that TLS certificate verification and SRV
records processing are expected nowadays. Thus I propose to make
py-asn1-modules and dnspython hard requirements. What do you think?
Here's an updated tarball that also applies the ${SETENV} ${MAKE_ENV}
dance to do-test. Some tests are failing but their number seems to vary
and to depend on timing.
I'm a bit worried though about the thirdparty subdir: the gnupg.py file
seems to be affected by the same issue as our py-gnupg package, which
could use an update. I don't know right now how problematic this CVE
is.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1927
py-sleekxmpp.tgz
Description: Binary data
-- jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
