From 811a424c034d3a6c3a9467cd44ddf6b9393d69b9 Mon Sep 17 00:00:00 2001
From: Simon McVittie <simon.mcvittie@collabora.co.uk>
Date: Tue, 28 May 2013 11:44:53 +0100
Subject: [PATCH 2/4] NEWS: update and describe configuration changes for fd.o
 #65036

---
 NEWS |   21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)

diff --git a/NEWS b/NEWS
index 5cd2165..4d3ffde 100644
--- a/NEWS
+++ b/NEWS
@@ -1,3 +1,24 @@
+telepathy-gabble 0.16.6 (UNRELEASED)
+====================================
+
+This release fixes a man-in-the-middle attack. You should upgrade.
+
+If you use an unencrypted connection to a "legacy Jabber" (pre-XMPP)
+server, this version of Gabble will not connect until you make
+one of these configuration changes:
+
+• upgrade the server software to something that supports XMPP 1.0; or
+• use an encrypted "old SSL" connection, typically on port 5223 (old-ssl); or
+• turn off "Encryption required (TLS/SSL)" (require-encryption)
+
+Fixes:
+
+• fd.o #65036: update Wocky to respect the tls-required flag on
+  legacy Jabber servers (Simon)
+
+• fd.o #63119: improve regression tests' isolation from the session bus
+  (Simon)
+
 telepathy-gabble 0.16.5 (2013-03-01)
 ====================================
 
-- 
1.7.10.4