oss-sec mailing list archives
CVE Request: httplib2 ssl cert incorrect error handling
From: Marc Deslauriers <marc.deslauriers () canonical com>
Date: Wed, 01 May 2013 16:15:19 -0700
Hello, httplib2 only validates SSL certificates on the first request to a connection, and doesn't report validation failures on subsequent requests. Bugs: http://code.google.com/p/httplib2/issues/detail?id=282 https://bugs.launchpad.net/httplib2/+bug/1175272 Could a CVE please be assigned to this issue? Thanks, Marc. -- Marc Deslauriers Ubuntu Security Engineer | http://www.ubuntu.com/ Canonical Ltd. | http://www.canonical.com/
Current thread:
- CVE Request: httplib2 ssl cert incorrect error handling Marc Deslauriers (May 01)
- Re: CVE Request: httplib2 ssl cert incorrect error handling Kurt Seifried (May 01)