Processing commands for cont...@bugs.debian.org:
> severity 603450 important
Bug #603450 [offlineimap] offlineimap: fails check the remote servers ssl
certificate is valid
Severity set to 'important' from 'grave'
> kthxbye
Stopping processing here.
Please contact me if you need assistance.
--
severity 603450 important
kthxbye
On Sun, Nov 14, 2010 at 19:55:23 +1100, david b wrote:
> Package: offlineimap
> Severity: grave
> Tags: security
> Justification: user security hole
>
> offlineimap performs absolutely no ssl certificate checking. So users
> could/can be the victim of a man in
> FWIW, this is a limitation documented on the homepage since 2007:
> https://github.com/jgoerzen/offlineimap/wiki
Erh No ... I added that. I didn't see on the homepage erh...?
Also my bug report here links to the 2007 thread post already...
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@l
On Sun, Nov 14, 2010 at 07:55:23PM +1100, david b wrote:
> Package: offlineimap
> Severity: grave
> Tags: security
> Justification: user security hole
>
> offlineimap performs absolutely no ssl certificate checking. So users
> could/can be the victim of a man in the middle attack.
> In debian the
Package: offlineimap
Severity: grave
Tags: security
Justification: user security hole
offlineimap performs absolutely no ssl certificate checking. So users could/can
be the victim of a man in the middle attack.
In debian the following bugs exist:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=
5 matches
Mail list logo
