gwibber bypasses certificate checking when providing the login/password for OAuth
Bug #705363 reported by
Raphaël Hertzog
This bug affects 4 people
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Gwibber |
Fix Released
|
Undecided
|
Unassigned | ||
gwibber (Debian) |
Fix Released
|
Unknown
|
|||
gwibber (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
Someone reported this in Debian: http://
identi.ca had (mistakenly) installed an SSL certificate not recognized by the installed CA, yet the user has been presented with the OAuth login screen even if that https connection could not be authentified.
visibility: | private → public |
Changed in gwibber (Debian): | |
status: | Unknown → Confirmed |
Changed in gwibber (Debian): | |
status: | Confirmed → Fix Released |
To post a comment you must log in.
Any updates on this bug from upstream?