[pkg-lynx-maint] Processed: severity of 991971 is serious
Debian Bug Tracking System
owner at bugs.debian.org
Sun Aug 8 00:33:03 BST 2021
Processing commands for control at bugs.debian.org:
> # Has security impact, see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991971#24 — working on an update for Bullseye
> severity 991971 serious
Bug #991971 {Done: Andreas Metzler <ametzler at debian.org>} [lynx] lynx: [CVE-2021-38165] SSL certificate validation fails with URLs containing user name or user name and password, i.e. https://user:password@host/ and https://user@host/\; leaks password in clear text via SNI
Severity set to 'serious' from 'important'
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
991971: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991971
Debian Bug Tracking System
Contact owner at bugs.debian.org with problems
More information about the pkg-lynx-maint
mailing list