Package: lynx-cur Version: 2.8.8pre5-1 Severity: grave Tags: security Justification: user security hole
Certificate revocation is not checked: lynx opens https://www.cloudflarechallenge.com/ without any warning or error, contrary to Firefox (and to Chromium when the CRLSet is up-to-date). -- System Information: Debian Release: jessie/sid APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.11-2-amd64 (SMP w/2 CPU cores) Locale: LANG=POSIX, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages lynx-cur depends on: ii libbsd0 0.6.0-2 ii libbz2-1.0 1.0.6-5 ii libc6 2.18-4 ii libgcrypt11 1.5.3-4 ii libgnutls26 2.12.23-14 ii libidn11 1.28-2 ii libncursesw5 5.9+20140118-1 ii libtinfo5 5.9+20140118-1 ii zlib1g 1:1.2.8.dfsg-1 Versions of packages lynx-cur recommends: ii mime-support 3.54 lynx-cur suggests no packages. -- debconf information: lynx-cur/defaulturl: http://www.vinc17.org/ lynx-cur/etc_lynx.cfg: -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
