CVE request: libsocialweb untrusted connection to flickr

[Vincent Danen <vdanen () redhat com>]

A similar request was made last year for libsocialweb connecting to
Twitter, and it seems to be doing the same to Flickr now (probably has
been all this time).

Same situation: opens an HTTP (non-SSL) connection to Flickr when no
Flickr account is configured, and without the user's permission or
knowledge.

Could a CVE be assigned to this (or has one been assigned already)?

Request for the Twitter issue is here (for reference):

http://www.openwall.com/lists/oss-security/2011/11/09/3

and the Red Hat bug:

https://bugzilla.redhat.com/show_bug.cgi?id=863206

Thanks.

--
Vincent Danen / Red Hat Security Response Team