|Created:||January 31, 2014||Updated:||February 5, 2014|
From the Debian bug report:
It's been known  since 2006 that clients supporting both OTRv1 and v2 (such as libotr 3.x) are subject to protocol downgrade attacks clients. It's also been known for a while that OTRv1 has serious security issues (that were the main reason for a v2, actually). In short, support v2 only is the only safe way to go these days.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds