Hottest Free Downloads - DownloadPipe.com Over 197,000 downloads! Bookmark Now!
DownloadPipe.com - New Downloads Every Minute
 SEARCH:
FAQFAQ    SearchSearch      ProfileProfile    Private MessagesPrivate Messages   Log inLog in

Bug#510348: does not appear to do any certificate validation

  
   Linux (Home) -> Bugs RC RSS
Next:  Bug#505563: Mozilla Thunderbird Multiple Vulnerab..  
Author Message
Neil Moore

External


Since: Jan 01, 2009
Posts: 2



(Msg. 1) Posted: Thu Jan 01, 2009 4:10 pm
Post subject: Bug#510348: does not appear to do any certificate validation
Archived from groups: linux>debian>bugs>rc (more info?)
The bug appears worse than that. I also get no errors when accessing
a site with a self-signed certificate; or with the wrong hostname in
the certificate. This is, I think, a pretty serious flaw as it makes
impersonation or an active man-in-the-middle attack very easy. On the
other hand, dillo does not display a padlock icon, so it could be
argued that users have no expectation of security from dillo.

--
Neil Moore, neil RemoveThis @s-z.org, http://s-z.org/neil/



--
To UNSUBSCRIBE, email to debian-bugs-rc-REQUEST RemoveThis @lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster RemoveThis @lists.debian.org
Back to top
Login to vote
Display posts from previous:   
Related Topics:
Bug#368222: xbat: Unable to reproduce - Package: xbat Version: 1.11-9.1 Followup-For: Bug #368222 Subject: xbat: Unable to reproduce Followup-For: Bug #368222 Package: xbat Version: 1.11-9.1 I'm unable to reproduce the bug. Altought I'm an excelent player :P, I lose all my lifes and the..

Bug#338537: mffm-fftw1c2 should Conflicts: and Replaces: m.. - Package: mffm-fftw1c2 Version: 1.6-1 Followup-For: Bug #338537 mffm-fftw1c2 needs to do both of the following: Conflicts: mffm-fmtw1 Replaces: mffm-fftw1 Ordinarily when a package is renamed, it Provides: the former name as well, but in this case it..

Bug#368278: A few breakages - Package: xpostit Severity: serious Tags: patch It installs man pages still into /usr/X11R6/man. This is now a policy violation since the old exceptions for X using packages have been removed. The path in the menu file is wrong when compiled with a..

Bug#368284: still uses X11R6 directories - Package: xipmsg Severity: serious Tags: patch This is a policy violation now. Patch (despite changelog entry not intended for immediate upload): diff -Naur xipmsg-0.8088/debian/changelog xipmsg-0.8088.nmu/debian/changelog ---..

Bug#368407: Should conflict with tasksel (<< 2.45) - Package: tasksel-data Version: 2.45 Severity: grave -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I tried to update tasksel-data today together with several other packages, including tasksel. The update failed, because tasksel-data tried to overwrite ...
       Linux (Home) -> Bugs RC All times are: Pacific Time (US & Canada) (change)
Page 1 of 1

 
 You can post new topics in this forum
You can reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
Categories:
 Windows Forums
 Game Forums
  Linux Forums
 Mac Forums
 PDA Forums
 Mobile Forums
  Top  |  Store  |  RSS Feeds RSS  |  Data Feeds  |  Advertise  |  Submit  |  Bookmark  |  Newsletter  |  Contact