Package download does not use a secure URL

Bug #1665467 reported by Joshua Kugler on 2017-02-16
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
libdvd-pkg (Ubuntu)
Undecided
Unassigned

Bug Description

When building from the source, the download is made from, for example, http://download.videolan.org/pub/libdvdcss/1.4.0/libdvdcss-1.4.0.tar.bz2

But, this URL could be (and probably should be) used instead:

https://download.videolan.org/pub/libdvdcss/1.4.0/libdvdcss-1.4.0.tar.bz2

(Note the HTTPS)

ProblemType: Bug
DistroRelease: Ubuntu 16.04
Package: libdvd-pkg 1.4.0-1-1
ProcVersionSignature: Ubuntu 4.4.0-62.83-generic 4.4.40
Uname: Linux 4.4.0-62-generic x86_64
ApportVersion: 2.20.1-0ubuntu2.5
Architecture: amd64
CurrentDesktop: KDE
Date: Thu Feb 16 12:39:50 2017
InstallationDate: Installed on 2015-04-03 (685 days ago)
InstallationMedia: Ubuntu-Server 14.04 LTS "Trusty Tahr" - Release amd64 (20140416.2)
PackageArchitecture: all
SourcePackage: libdvd-pkg
UpgradeStatus: Upgraded to xenial on 2016-10-06 (133 days ago)

Joshua Kugler (jkugler) wrote :
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers