CVE-2012-2132: does not indicate whether or not an SSL certificate is valid
Yves-Alexis Perez
corsac at debian.org
Wed Oct 10 14:20:34 UTC 2012
On mer., 2012-10-10 at 09:23 +0300, Henri Salo wrote:
> On Wed, Oct 10, 2012 at 08:13:15AM +0200, Yves-Alexis Perez wrote:
> > Henri, did you actually check? Because, here, loading an https website
> > with a CA not recognized correctly turns the url bar to red.
>
> Yes I tested Midori package in squeeze: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=672880#25
>
Well, in Squeeze, the same thing applies than for CVE-2010-3900.
--
Yves-Alexis
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: This is a digitally signed message part
URL: <http://lists.alioth.debian.org/pipermail/pkg-gnome-maintainers/attachments/20121010/6dfa0c9f/attachment.pgp>
More information about the pkg-gnome-maintainers
mailing list