Processed: Re: Bug#745836: wget: certificate revocation is not checked

2014-10-29 Thread Debian Bug Tracking System
Processing control commands: > found -1 1.16-1 Bug #745836 [wget] wget: certificate revocation is not checked Marked as found in versions wget/1.16-1. > tag -1 + upstream Bug #745836 [wget] wget: certificate revocation is not checked Added tag(s) upstream. > clone -1 -2 Bug #745836 [wget] wget: ce

Bug#745836: wget: certificate revocation is not checked

2014-10-29 Thread intrigeri
Control: found -1 1.16-1 Control: tag -1 + upstream Control: clone -1 -2 Control: severity -1 wishlist Control: retitle -2 wget manpage doesn't warn that certificate revocation lists are not checked Hi, [hoping I got all the Control stanzas right..] Vincent Lefevre wrote (28 Apr 2014 09:11:42 G

Bug#745836: Re[2]: Bug#745836: wget: certificate revocation is not checked

2014-08-19 Thread Vlad Orlov
> This bug isn't on expired certificates, but on the revoked ones. > The www.cloudflarechallenge.com test is now obsolete because the > certificate has expired (wget 1.15 checks that, so no bugs here > for expired certificates). Two tests with revoked certificates > are still working: > > https:

Bug#745836: wget: certificate revocation is not checked

2014-08-19 Thread Vlad Orlov
This indeed looks like a bug in 1.15, because 1.13 and 1.14 recognize the expired certificate: $ wget www.cloudflarechallenge.com --2014-08-19 13:41:45-- http://www.cloudflarechallenge.com/ Resolving www.cloudflarechallenge.com (www.cloudflarechallenge.com)... 107.170.194.215 Connecting to www.

Bug#745836: wget: certificate revocation is not checked

2014-08-19 Thread Vincent Lefevre
On 2014-08-19 13:43:26 +0400, Vlad Orlov wrote: > This indeed looks like a bug in 1.15, because 1.13 and 1.14 > recognize the expired certificate: > > $ wget www.cloudflarechallenge.com > --2014-08-19 13:41:45-- http://www.cloudflarechallenge.com/ > Resolving www.cloudflarechallenge.com (www.clou

Processed: Re: Bug#745836: wget: certificate revocation is not checked

2014-04-28 Thread Debian Bug Tracking System
Processing control commands: > severity -1 grave Bug #745836 [wget] wget: certificate revocation is not checked Severity set to 'grave' from 'wishlist' -- 745836: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=745836 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- T

Processed: Re: Bug#745836: wget: certificate revocation is not checked

2014-04-28 Thread Debian Bug Tracking System
Processing control commands: > severity -1 wishlist Bug #745836 [wget] wget: certificate revocation is not checked Severity set to 'wishlist' from 'grave' > tags -1 security Bug #745836 [wget] wget: certificate revocation is not checked Ignoring request to alter tags of bug #745836 to the same tag

Bug#745836: wget: certificate revocation is not checked

2014-04-28 Thread Raphael Geissert
Control: severity -1 wishlist Control: tags -1 security On 25 April 2014 19:46, Vincent Lefevre wrote: > Package: wget > Version: 1.15-1 > Severity: grave > Tags: security > Justification: user security hole > > Certificate revocation is not checked: wget downloads [...] It is not a bug, it is a

Bug#745836: wget: certificate revocation is not checked

2014-04-25 Thread Vincent Lefevre
Package: wget Version: 1.15-1 Severity: grave Tags: security Justification: user security hole Certificate revocation is not checked: wget downloads https://www.cloudflarechallenge.com/ without any warning or error, contrary to Firefox (and to Chromium when the CRLSet is up-to-date). -- Syste