A new upstream version 1.8.1 is available, you should consider packaging it.
Marked for autoremoval on 28 September due to range-v3: #934838high
Version 1.5.11-1 of telegram-desktop is marked for autoremoval from testing on Sat 28 Sep 2019. It depends (transitively) on range-v3, affected by #934838. You should try to prevent the removal by fixing these RC bugs.
CVE-2019-10044: Telegram Desktop before 1.5.12 on Windows, and the Telegram applications for Android, iOS, and Linux, is vulnerable to an IDN homograph attack when displaying messages containing URLs. This occurs because the application produces a clickable link even if (for example) Latin and Cyrillic characters exist in the same domain name, and the available font has an identical representation of characters from different alphabets.
CVE-2019-10044: Telegram Desktop before 1.5.12 on Windows, and the Telegram applications for Android, iOS, and Linux, is vulnerable to an IDN homograph attack when displaying messages containing URLs. This occurs because the application produces a clickable link even if (for example) Latin and Cyrillic characters exist in the same domain name, and the available font has an identical representation of characters from different alphabets.
vcswatch reports that
this package seems to have a new changelog entry (version
1.7.14-1, distribution
unstable) and new commits
in its VCS. You should consider whether it's time to make
an upload.
CVE-2019-10044: Telegram Desktop before 1.5.12 on Windows, and the Telegram applications for Android, iOS, and Linux, is vulnerable to an IDN homograph attack when displaying messages containing URLs. This occurs because the application produces a clickable link even if (for example) Latin and Cyrillic characters exist in the same domain name, and the available font has an identical representation of characters from different alphabets.
![[bug history graph]](https://qa.debian.org/data/bts/graphs/t/telegram-desktop.png){kind=link}