Bug#603594: doesn't perform any ssl certificate checking (in the squeeze version)

Daniel Kahn Gillmor dkg at fifthhorseman.net
Mon Nov 15 18:10:45 UTC 2010


Package: epiphany-browser
Severity: normal

I'm currently visiting https://i.broke.the.internet.and.all.i.got.was.this.t-shirt.phreedom.org/ with epiphany-browser (version 2.30.6-1), and i see a broken 
lock in the right-hand side of the address bar, and in the lower-left corner of the status bar.

hovering over the status bar broken-lock icon shows me a tooltip that says:

"Security Level: Broken"

We can argue about whether it's appropriate to go ahead and render the page anyway, but it does not seem to be the case that the browser is not performing *any* 
ssl certificate checking.

	--dkg

-- System Information: Debian Release: squeeze/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: i386 (i686)

Kernel: Linux 2.6.32-5-686 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages epiphany-browser depends on:
ii  dbus-x11                    1.2.24-3     simple interprocess messaging syst
ii  epiphany-browser-data       2.30.6-1     Data files for the GNOME web brows
ii  gnome-icon-theme            2.30.3-1     GNOME Desktop icon theme
ii  iso-codes                   3.22-1       ISO language, territory, currency,
ii  libavahi-client3            0.6.27-2     Avahi client library
ii  libavahi-common3            0.6.27-2     Avahi common library
ii  libavahi-gobject0           0.6.27-2     Avahi GObject library
ii  libc6                       2.11.2-7     Embedded GNU C Library: Shared lib
ii  libcairo2                   1.8.10-6     The Cairo 2D vector graphics libra
ii  libdbus-1-3                 1.2.24-3     simple interprocess messaging syst
ii  libdbus-glib-1-2            0.88-2       simple interprocess messaging syst
ii  libgconf2-4                 2.28.1-5     GNOME configuration database syste
ii  libgirepository1.0-0        0.6.14-1+b1  Library for handling GObject intro
ii  libglib2.0-0                2.24.2-1     The GLib library of C routines
ii  libgnome-keyring0           2.30.1-1     GNOME keyring services library
ii  libgtk2.0-0                 2.20.1-2     The GTK+ graphical user interface 
ii  libice6                     2:1.0.6-2    X11 Inter-Client Exchange library
ii  libnotify1 [libnotify1-gtk2 0.5.0-2      sends desktop notifications to a n
ii  libnspr4-0d                 4.8.6-1      NetScape Portable Runtime Library
ii  libnss3-1d                  3.12.8-1     Network Security Service libraries
ii  libpango1.0-0               1.28.3-1     Layout and rendering of internatio
ii  libseed0                    2.30.0-1+b1  GObject JavaScript bindings for th
ii  libsm6                      2:1.1.1-1    X11 Session Management library
ii  libsoup-gnome2.4-1          2.30.2-1     an HTTP library implementation in 
ii  libsoup2.4-1                2.30.2-1     an HTTP library implementation in 
ii  libwebkit-1.0-2             1.2.5-2      Web content engine library for Gtk
ii  libx11-6                    2:1.3.3-3    X11 client-side library
ii  libxml2                     2.7.8.dfsg-1 GNOME XML library
ii  libxslt1.1                  1.1.26-6     XSLT 1.0 processing library - runt

Versions of packages epiphany-browser recommends:
ii  ca-certificates          20090814+nmu2   Common CA certificates
ii  evince                   2.30.3-1        Document (postscript, pdf) viewer
ii  yelp                     2.30.1+webkit-1 Help browser for GNOME

Versions of packages epiphany-browser suggests:
ii  epiphany-extensions           2.30.2-1   Extensions for Epiphany web browse

-- no debconf information






More information about the pkg-gnome-maintainers mailing list