libio-socket-ssl-perl (1.951-1) experimental; urgency=low

  Upstream version 1.951 introduced the following two major behaviour changes:

  * ssl_verify_mode now defaults to verify_peer for client.
    Until now it used verify_none, but loudly complained since 1.79 about it.
    It will not complain any longer, but the connection might probably fail.
    Please don't simply disable ssl verification, but instead set SSL_ca_file
    etc so that verification succeeds!
  * it will now complain if the builtin defaults of certs/my-ca.pem or ca/
    for CA and certs/{server,client}-{key,cert}.pem for cert and key are used,
    e.g. no certificates are specified explicitly.
    In the future these insecure (relative path!) defaults will be removed
    and the CA replaced with the system defaults.

 -- Salvatore Bonaccorso <carnil@debian.org>  Sun, 07 Jul 2013 22:33:29 +0200

libio-socket-ssl-perl (1.88-1) unstable; urgency=low

  Upstream version 1.79 introduced the following change: IO::Socket::SSL will
  complain if SSL_verify_mode is SSL_VERIFY_NONE for client unless it was
  explicity set this way. In the future the default will change to verify the
  server certificate and apps, which don't provide the necessary credentials
  should fail.

  The module will carp with:

  *******************************************************************
   Using the default of SSL_verify_mode of SSL_VERIFY_NONE for client
   is deprecated! Please set SSL_verify_mode to SSL_VERIFY_PEER
   together with SSL_ca_file|SSL_ca_path for verification.
   If you really don't want to verify the certificate and keep the
   connection open to Man-In-The-Middle attacks please set
   SSL_verify_mode explicitly to SSL_VERIFY_NONE in your application.
  *******************************************************************

 -- Salvatore Bonaccorso <carnil@debian.org>  Mon, 13 May 2013 21:58:44 +0200
