lazr.restfulclient doesn't use system ca certificates
Bug #882034 reported by
Marc Deslauriers
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
lazr.restfulclient (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
python-httplib2 0.7.0 and higher, used by lazr.restfulclient, performs server certificate validation by default, but uses an example cacert.txt containing root certs.
Applications that use python-httplib2 should specify usage of the system ca certs for validation (/etc/ssl/certs) which are well maintained and get security updates.
Changed in lazr.restfulclient (Ubuntu): | |
status: | New → Confirmed |
visibility: | private → public |
To post a comment you must log in.
This should be fixed now:
http:// www.ubuntu. com/usn/ usn-1375- 1/