Processing commands for cont...@bugs.debian.org: > # Has security impact, see > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991971#24 — working on an > update for Bullseye > severity 991971 serious Bug #991971 {Done: Andreas Metzler <ametz...@debian.org>} [lynx] lynx: [CVE-2021-38165] SSL certificate validation fails with URLs containing user name or user name and password, i.e. https://user:password@host/ and https://user@host/\; leaks password in clear text via SNI Severity set to 'serious' from 'important' > thanks Stopping processing here.
Please contact me if you need assistance. -- 991971: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991971 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
