vdirsyncer (0.19.0-1) unstable; urgency=medium

  Changes to TLS (a.k.a. SSL) configuration:
  * Support for md5 and sha1 certificate fingerprints has been dropped.
    If you're validating certificate fingerprints, use sha256 instead.
  * When using a custom verify_fingerprint,
    CA validation is always disabled.
  * If verify_fingerprint is unset,
    CA verification is always active.
    Disabling both features is insecure and no longer supported.
  * The verify parameter no longer takes boolean values,
    it is now optional
    and only takes a string to a custom CA for verification.
  * The verify and verify_fingerprint will likely be merged
    into a single parameter in future.

  Changes to storage plugin "google":
  * Authenticated access now requires Python module aiohttp-oauthlib.

 -- Jonas Smedegaard <dr@jones.dk>  Sat, 17 Dec 2022 13:59:49 +0100