weechat-security
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Security vulnerability fixed in WeeChat 3.4.1


From: Sébastien Helleu
Subject: Security vulnerability fixed in WeeChat 3.4.1
Date: Mon, 14 Mar 2022 13:24:25 +0100

Hi all,

A security vulnerability has been fixed in WeeChat 3.4.1, which was released
yesterday: after changing some GnuTLS options, the server certificate is not
verified any more on new TLS connections.

This vulnerability affects WeeChat versions from 3.2 to 3.4.

For more information, see the WeeChat Security Advisory (WSA):
https://weechat.org/doc/security/WSA-2022-1/

-- 
Sébastien Helleu

web: weechat.org / flashtux.org
irc: FlashCode @ irc.libera.chat

Attachment: signature.asc
Description: PGP signature


reply via email to

[Prev in Thread] Current Thread [Next in Thread]