[pkg-lynx-maint] Bug#783477: lynx-cur: default answer for SSL errors should be 'n', not 'y'

Vincent Lefevre vincent at vinc17.net
Mon Apr 27 11:07:58 UTC 2015

Package: lynx-cur
Version: 2.8.9dev5-2
Severity: wishlist

When connecting to a site with an invalid certificate, such as an
expired one, one gets:

  SSL error:The certificate is NOT trusted. The certificate chain uses
  expired certificate. -Continue? (y)

For better security, the default answer should be 'n'.

-- System Information:
Debian Release: 8.0
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (500, 'oldstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.16.0-4-amd64 (SMP w/8 CPU cores)
Locale: LANG=POSIX, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)

Versions of packages lynx-cur depends on:
ii  libbsd0            0.7.0-2
ii  libbz2-1.0         1.0.6-7+b3
ii  libc6              2.19-18
ii  libgnutls-deb0-28  3.3.8-7
ii  libidn11           1.30-1
ii  libncursesw5       5.9+20140913-1+b1
ii  libtinfo5          5.9+20140913-1+b1
ii  zlib1g             1:1.2.8.dfsg-2+b1

Versions of packages lynx-cur recommends:
ii  mime-support  3.58

lynx-cur suggests no packages.

-- debconf information:
  lynx-cur/defaulturl: http://www.lip.ens-lyon.fr/

More information about the pkg-lynx-maint mailing list