oss-sec mailing list archives

CVE Request: Multiple issues in com.ning:async-http-client

From: Arun Babu Neelicattu <abn () redhat com>
Date: Wed, 20 Aug 2014 12:27:02 -0400 (EDT)

Hi,

We noticed these issues were filed upstream and were never assigned 
CVE(s). Can we please get CVE(s) assigned to the following issues 
please?

1. async-http-client: SSL/TLS certificate verification disabled
https://github.com/AsyncHttpClient/async-http-client/issues/352

2. async-http-client: No SSL HostName verification
https://github.com/AsyncHttpClient/async-http-client/issues/197

Cheers,
Arun
-- 
Arun Neelicattu / Red Hat Product Security
PGP: 0xC244393B 5229 F596 474F 00A1 E416  CF8B 36F5 5054 C244 393B

Current thread:

CVE Request: Multiple issues in com.ning:async-http-client Arun Babu Neelicattu (Aug 20)
- Re: CVE Request: Multiple issues in com.ning:async-http-client cve-assign (Aug 25)