Severity: severe
Hi,
This bug is still here in Squeeze and is now even more annoying.
Now that murmurd checks for it's own cert validity, it refuses to accept any
connexion if the certificate is not signed by an authority contained in the CA
bundle embedded in /usr/lib/libQtNetwork.so.4
So th
I think that this package is in violation of Debian policy :
http://www.debian.org/doc/debian-policy/ch-files.html#s-config-files
The data contained in /usr/lib/libQtNetwork.so.4 "affects the operation of a
program, or provides site- or host-specific information, or otherwise
customizes the beh
Package: libqt4-network
Version: 4.4.3-1
Severity: grave
Justification: user security hole
Tags: patch security
Applications using QT SSL Layer fail to verify SSL encrypted connexion
because system-wide installed certificates authorities are not read (can
be verified with strace)
For example, mum
Hi,
Reading this bug report on mumble might help you to analyse the problem :
https://sourceforge.net/tracker/?func=detail&aid=2793899&group_id=147372&atid=768005
Regards,
François.
--
To UNSUBSCRIBE, email to debian-qt-kde-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Co
On 25 Sep 2011, at 20:06, Philipp Kern wrote:
> You can actually recompile them to ship with your own certs. But you
> cannot quote non-existent configuration files not being in /etc as a
> reason for a policy violation and hence upgrade it to serious, sorry.
>
> Kind regards
> Philipp Kern
Ok
Hi,
Feedback from Nokia:
"Thank you for reporting. We actually removed this code now since we
cannot change the behavior of Qt when applications already rely on
something different."
So I guess it's been broken so long they're not going to fix it. Sounds
a bit odd to me, but it's their choice.
6 matches
Mail list logo
