Bug#696681: falconpl: possible security issue due to misuse of the libcurl API

2012-12-25 Thread Vasudev Kamath
On Wed, Dec 26, 2012 at 11:16 AM, Kartik Mistry wrote:
> This is done already:
> https://groups.google.com/forum/?fromgroups=#!msg/falconpl/Vnnv0yb-_Bg/Vkl5RFHEk8QJ
> (and related discussions on IRC at #falconpl, Freenode)

Just a note: the patch is already merged into upstream [1]

[1] http://git.fal

Bug#696681: falconpl: possible security issue due to misuse of the libcurl API

2012-12-25 Thread Kartik Mistry
On Tue, Dec 25, 2012 at 11:11 PM, Alessandro Ghedini wrote:
> After discussing this with the security team, it was decided that it would be
> best if this was fixed before the Wheezy release.
>
> Note that this should be fixed anyway, since as of curl v7.28.1 (which has been
> uploaded to exper

Bug#696681: falconpl: possible security issue due to misuse of the libcurl API

2012-12-25 Thread Alessandro Ghedini
Package: falconpl
Severity: serious
Tags: security

Hi,

I recently discovered that falconpl is using the libcurl API in a way that may not be what the original author intended. In particular I'm referring to the fact that the CURLOPT_SSL_VERIFYHOST option is treated as if it were a boolean value while