severity 607497 important
fixed 607497 0.2.7-1.1
thanks

On Sun, 19 Dec 2010 04:05:00 +0100 Witold Baryluk wrote:

> Package: midori
> Version: 0.2.7-1.1
> Severity: grave
> Tags: security squeeze
> Justification: user security hole
> 
> Simple example
> 
> Go to https://turtle.libre.fm/
> (this site has an expired SSL certificate, and it is issued to another domain).
> 
> Address bar in midori will go red, yes, but there is no way to see what is
> wrong.
> (One can use wget or openssl s_client ... or another browser)
> 
> What is worse, midori actually loads this page and shows us a page.
> 
> It should block request, and should not make connection so easy.
> (IMHO there should not even be a way to bypass this errors).
> 
> Possible private data leakage:
>   - cookies
>   - private urls
>   - logins, passwords data
>   - confidential information on the page.
> 
> This bug makes MITM attack quite simple.
> 
> Yes, the user will notice this (because of the red address bar), but it will
> already be too late to do anything - data was already sent and received.

This is CVE-2010-3900 [0].  It has been decided that since Midori's
support for SSL is inherently limited that this fix won't be applied
for squeeze.  It is currently recommended to not use midori if SSL
support is important to you.  Epiphany or chromium are the preferred
webkit-based browsers.

Best wishes,
Mike

[0] http://security-tracker.debian.org/tracker/CVE-2010-3900
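For readers who want to see what "fail closed, and say why" looks like in code, here is an added example; it is not part of the bug report, of Midori, or of Debian. `diagnose_cert()` takes a certificate in the dict shape that Python's `ssl.SSLSocket.getpeercert()` returns and reports the two conditions the reporter describes (expired, issued to another name); `connect_strict()` opens a TLS connection with verification that cannot be bypassed and sends nothing before the handshake has succeeded. The two certificate dicts, the function names and the report-time constant are constructed for this example; the hostname is the one from the report, and the sample certificates are not the real libre.fm certificate.

```python
"""Strict TLS check: refuse a bad certificate before any data is sent, and say why."""
import socket
import ssl
import time
from typing import List, Optional, Tuple


def _san_dns_names(cert: dict) -> List[str]:
    """DNS names from subjectAltName, in getpeercert() tuple form."""
    return [value for kind, value in cert.get("subjectAltName", ()) if kind == "DNS"]


def _dns_match(pattern: str, hostname: str) -> bool:
    """RFC 6125-style match: exact, or '*' as the whole leftmost label only."""
    pattern, hostname = pattern.lower(), hostname.lower()
    if pattern == hostname:
        return True
    p_labels, h_labels = pattern.split("."), hostname.split(".")
    if p_labels[0] == "*" and len(p_labels) == len(h_labels) and len(p_labels) > 2:
        return p_labels[1:] == h_labels[1:]
    return False


def diagnose_cert(cert: dict, hostname: str, now: Optional[float] = None) -> List[str]:
    """Return the reasons `cert` must not be trusted for `hostname` (empty = OK).

    `cert` uses the dict shape of ssl.SSLSocket.getpeercert(): 'notBefore',
    'notAfter' and 'subjectAltName'. Chain/CA validity is not checked here;
    that is the job of the SSLContext in connect_strict().
    """
    now = time.time() if now is None else now
    problems = []
    if now < ssl.cert_time_to_seconds(cert["notBefore"]):
        problems.append("certificate not yet valid (notBefore=%s)" % cert["notBefore"])
    if now > ssl.cert_time_to_seconds(cert["notAfter"]):
        problems.append("certificate expired (notAfter=%s)" % cert["notAfter"])
    names = _san_dns_names(cert)
    if not any(_dns_match(n, hostname) for n in names):
        problems.append("hostname %r not in certificate names %r" % (hostname, names))
    return problems


def connect_strict(hostname: str, port: int = 443, timeout: float = 10.0) -> Tuple[bool, str]:
    """Open a TLS connection that fails closed; return (ok, message).

    Nothing is written before the handshake succeeds, so an expired or
    mis-issued certificate cannot cause cookies, URLs or credentials to leak.
    """
    ctx = ssl.create_default_context()  # system CA store, CERT_REQUIRED, check_hostname=True
    ctx.check_hostname = True
    ctx.verify_mode = ssl.CERT_REQUIRED
    try:
        with socket.create_connection((hostname, port), timeout=timeout) as raw:
            with ctx.wrap_socket(raw, server_hostname=hostname) as tls:
                cert = tls.getpeercert()
                return True, "verified (%s), expires %s" % (tls.version(), cert["notAfter"])
    except ssl.SSLCertVerificationError as e:
        # verify_message is OpenSSL's reason, e.g. 'certificate has expired'
        return False, "refused: %s" % getattr(e, "verify_message", str(e))
    except (ssl.SSLError, OSError) as e:
        return False, "refused: %s" % e


# Constructed sample certificates (not the real libre.fm certificate), in
# getpeercert() shape, modelled on the report: expired and issued to another name.
EXPIRED_WRONG_NAME = {
    "subject": ((("commonName", "other.example"),),),
    "subjectAltName": (("DNS", "other.example"), ("DNS", "www.other.example")),
    "notBefore": "Mar 15 00:00:00 2009 GMT",
    "notAfter": "Mar 15 00:00:00 2010 GMT",
}
GOOD = {
    "subject": ((("commonName", "turtle.libre.fm"),),),
    "subjectAltName": (("DNS", "*.libre.fm"), ("DNS", "libre.fm")),
    "notBefore": "Mar 15 00:00:00 2010 GMT",
    "notAfter": "Mar 15 00:00:00 2012 GMT",
}
# The report's timestamp (19 Dec 2010 04:05 +0100) as UTC epoch seconds.
REPORT_TIME = ssl.cert_time_to_seconds("Dec 19 03:05:00 2010 GMT")

if __name__ == "__main__":
    import sys
    for label, cert in (("expired/wrong-name", EXPIRED_WRONG_NAME), ("good", GOOD)):
        print(label, "->", diagnose_cert(cert, "turtle.libre.fm", REPORT_TIME) or "OK")
    if len(sys.argv) > 1:  # e.g. python3 tlscheck.py turtle.libre.fm
        print(connect_strict(sys.argv[1]))
```

The offline part runs as-is; pass a hostname on the command line to exercise `connect_strict()` against a live server. Note that `connect_strict()` never relaxes `verify_mode`: the decision the reporter asks for (block the request, no bypass) is made by the context before the first byte of application data leaves the socket.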