January 19, 2013 [Issue 9355] New: [security] SSL certificate signature verification disabled in std.net.curl | ||||
|---|---|---|---|---|
| ||||
 | http://d.puremagic.com/issues/show_bug.cgi?id=9355 Summary: [security] SSL certificate signature verification disabled in std.net.curl Product: D Version: D2 Platform: All OS/Version: All Status: NEW Severity: regression Priority: P2 Component: Phobos AssignedTo: nobody@puremagic.com ReportedBy: code@klickverbot.at --- Comment #0 from David Nadlinger <code@klickverbot.at> 2013-01-19 12:02:41 PST --- See the discussion in https://github.com/D-Programming-Language/phobos/pull/1076. The commit changes the HTTP-related functions in std.net.curl to no longer verify the signature on the host certificate, rendering any D program using them susceptible to man-in-the-middle attacks. -- Configure issuemail: http://d.puremagic.com/issues/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- | |||
Permalink
ReplyFebruary 01, 2013 [Issue 9355] [security] SSL certificate signature verification disabled in std.net.curl | ||||
|---|---|---|---|---|
| ||||
 Posted in reply to David Nadlinger | http://d.puremagic.com/issues/show_bug.cgi?id=9355 Brad Roberts <braddr@puremagic.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED CC| |braddr@puremagic.com Resolution| |FIXED --- Comment #1 from Brad Roberts <braddr@puremagic.com> 2013-01-31 21:52:22 PST --- Fixed in https://github.com/D-Programming-Language/phobos/pull/1091 -- Configure issuemail: http://d.puremagic.com/issues/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- | |||
Copyright © 1999-2021 by the D Language Foundation