severity 702976 important
thanks
On Mon, Jul 01, 2013 at 03:38:13PM +0200, Christoph Anton Mitterer wrote:
> I'm adding the security team now, which I ask to investigate into
> this,...
> Unfortunately this totally broken version leaked into wheezy as well.
Michael Gilbert is a member of the Secu
On Wed, 2013-03-13 at 23:23 +0100, Josselin Mouette wrote:
> I don’t even see it as a bug.
Of course it is...
Otherwise I could easily mitm every connection... o.O
> Epiphany treats the first site as a self-signed one, which thus has the
> same level of security as a non-encrypted connection.
And
Le mercredi 13 mars 2013 à 17:29 +0100, Christoph Anton Mitterer a
écrit :
> It seems that epiphany does at least not check the domainname correctly
> when connection to a site via https.
>
> For example, when I go to:
> https://physik.lmu.de/~mitterer/
> it redirects me automatically to
> https:/
Package: epiphany-browser
Version: 3.4.2-2.1
Severity: critical
Tags: security
Justification: breaks unrelated software
Hi.
Marking this as critical/breask-unrealted-software, as it may allow
attackers to spoof people into downloading forged software/etc.
It seems that epiphany does at least n
4 matches
Mail list logo