Hi, I'd like to upload qtpass 1.2.1 to stretch-backports. The reason is that QtPass' built-in password generator was insecure before 1.2.1 and while the default configuration in stretch is not vulnerable, the situation is different for users of stretch-backports. In August 2017 a new version of `pass` was uploaded to stretch-backports which doesn't recommend `pwgen` anymore. This means that QtPass will probably have used the built-in password generator since then, resulting in insecure passwords for users of stretch-backports since August 2017. I proposed this procedure to the security team and they where happy with it. Here is the package: https://mentors.debian.net/debian/pool/main/q/qtpass/qtpass_1.2.1-1~bpo9+1.dsc https://salsa.debian.org/debian/qtpass/tree/debian/stretch-backports Could you please review and sponsor this upload? Best, Philip
Attachment:
signature.asc
Description: OpenPGP digital signature