[Bug 1456778] Re: default configuration for irc clients should use ssl servers

Launchpad Bug Tracker 1456778 at bugs.launchpad.net
Fri Jul 27 21:54:29 UTC 2018 

This bug was fixed in the package irssi - 1.1.1-1ubuntu1

---------------
irssi (1.1.1-1ubuntu1) devel; urgency=medium

  * Merge from Debian. Remaining changes:
    - Refresh and re-enabled 20fix_ssl_proxy_hostname_check.
      - When we have a proxy setting, we expect the CN to match
        the proxy hostname, not the server hostname.
    - d/p/03firsttimer_text:
      + Adapt 03firsttimer_text so it tells you about
        connecting to freenode and joining #ubuntu.
  * Changes no longer needed:
    - d/p/90irc-ubuntu-com:
      + irc.ubuntu.com was a CNAME to irc.freenode.net, but this prevents us
        from recommending and verifying TLS connections.  (LP: #1456778)

irssi (1.1.1-1) unstable; urgency=medium

  [ Rhonda D'Vine ]
  * New upstream release.
  * Uploaded from mIRC.
  * Adjust 03firsttimer_text patch for new location of the text.
  * Update copyright format URL to use https.
  * Install example scripts.
  * Bump Standards-Version to 4.1.4.
  * Move repository to salsa, update Vcs-* URLs.

  [ Unit 193 ]
  * Use https for upstream homepage.
  * /connect OFTC instead of irc.debian.org to get an ssl connection.

 -- Unit 193 <unit193 at ubuntu.com>  Fri, 27 Jul 2018 07:01:51 -0400

** Changed in: irssi (Ubuntu)
       Status: Confirmed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to irssi in Ubuntu.
https://bugs.launchpad.net/bugs/1456778

Title:
  default configuration for irc clients should use ssl servers

Status in irssi package in Ubuntu:
  Fix Released

Bug description:
  Ubuntu 14.04.2 LTS irssi 0.8.15-5ubuntu3

  irssi installs a default list of IRC networks and servers, all using
  unencrypted communications. This allows eavesdropping, e.g. if people
  access the Internet from an insecure wifi connection. This allows
  eavesdroppers to record conversations and nickserv passwords and
  possibly to impersonate the legitimate users.

  Many of these networks (e.g. OFTC, Freenode) now provide SSL servers.
  They should be configured in the default irssi configuration file that
  is installed if the user has none.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/irssi/+bug/1456778/+subscriptions

More information about the foundations-bugs mailing list