Package: epiphany-webkit Version: 2.28.1-1 Severity: grave Tags: security I just found out that epiphany-webkit does not even validate certificates any more!
IMHO this is a grave security issue. Users are exposed to man-in-the-middle attacks and potentially even legal liability Upstream bug filed at <https://bugzilla.gnome.org/show_bug.cgi?id=600663>. Oh, and I just re-read kov's message to this bug. I'm happy to file separate bugs for each issue. I just didn't because I thought it would annoy everyone to do it that way. I'll try to do it this weekend when I have some time. :) -- System Information: Debian Release: squeeze/sid APT prefers testing APT policy: (530, 'testing'), (520, 'unstable'), (400, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 2.6.30-2-amd64 (SMP w/2 CPU cores) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages epiphany-webkit depends on: ii epiphany-browser 2.28.1-1 Intuitive GNOME web browser epiphany-webkit recommends no packages. epiphany-webkit suggests no packages. -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org