[jitsi-dev] Important security hole, trac bug #952


#1

Just stumbled upon this 2 year old bug. From what I understand this deeply compromises OTR. Any chance this could be addressed or looked into?

https://trac.jitsi.org/ticket/952


#2

Just stumbled upon this 2 year old bug. From what I understand this deeply
compromises OTR. Any chance this could be addressed or looked into?

https://trac.jitsi.org/ticket/952

The part about the log-history-option not being stored has AFAIK long been
fixed. Do you experience this otherwise?

Logging the chat history when OTR is enabled is an entirely different story.
You may open a feature request to optionally not log OTR enabled chats if
you wish.

Ingo