From ${URL} : Description A security issue has been reported in transifex-client, which can be exploited by malicious people to conduct spoofing attacks. The security issue is caused due to the application not properly verifying the server SSL certificate. This can be exploited to e.g. spoof the server via a MitM (Man-in-the-Middle) attack and e.g. disclose potentially sensitive information. The security issue is reported in version 0.8. Prior versions may also be affected. Solution Update to version 0.9. Provided and/or discovered by Florian Weimer, Red Hat Product Security Team. Original Advisory Transifex: http://blog.transifex.com/post/51072109836/new-version-of-the-transifex-client-has-been-released @maintainer(s): after the bump, in case we need to stabilize the package, please say explicitly if it is ready for the stabilization or not.
The package is already in tree. Go ahead and stabilize it
Please CC the arches whenever you feel ready
I don't see any reason not to. Arches, please stable =app-i18n/transifex-client-0.9.2, target arches amd64, x86. Thanks!
amd64 stable
x86 stable
GLSA vote: no
GLSA vote: no. Closing as [noglsa]
