Package: konqueror Version: 4:15.08.3-1 Severity: grave Tags: security Justification: user security hole
See attached screenshot – konqueror does not error out when the certificate is expired and even shows a green checkbox. (I may or may not have ACK’d the certificate in an earlier session, I don’t know right now, but showing a green checkbox is still wrong.) -- System Information: Debian Release: stretch/sid APT prefers unreleased APT policy: (500, 'unreleased'), (500, 'buildd-unstable'), (500, 'unstable') Architecture: x32 (x86_64) Foreign Architectures: i386, amd64 Kernel: Linux 4.4.0-1-amd64 (SMP w/4 CPU cores) Locale: LANG=C, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/lksh Init: sysvinit (via /sbin/init) Versions of packages konqueror depends on: ii install-info 6.1.0.dfsg.1-5 ii kde-baseapps-bin 4:15.08.3-1 ii kde-baseapps-data 4:15.08.3-1 ii kde-runtime 4:15.08.3-1+b1 ii libc6 2.22-3 ii libkcmutils4 4:4.14.14-1+b1 ii libkde3support4 4:4.14.14-1+b1 ii libkdecore5 4:4.14.14-1+b1 ii libkdesu5 4:4.14.14-1+b1 ii libkdeui5 4:4.14.14-1+b1 ii libkfile4 4:4.14.14-1+b1 ii libkhtml5 4:4.14.14-1+b1 ii libkio5 4:4.14.14-1+b1 ii libkonq5abi1 4:15.08.3-1 ii libkonqsidebarplugin4a 4:15.08.3-1 ii libkparts4 4:4.14.14-1+b1 ii libqt4-dbus 4:4.8.7+dfsg-6 ii libqt4-qt3support 4:4.8.7+dfsg-6 ii libqt4-xml 4:4.8.7+dfsg-6 ii libqtcore4 4:4.8.7+dfsg-6 ii libqtgui4 4:4.8.7+dfsg-6 ii libstdc++6 5.3.1-12 ii libx11-6 2:1.6.3-1 Versions of packages konqueror recommends: pn dolphin4 <none> ii kfind 4:15.08.3-1 pn konqueror-nsplugins <none> ii kpart-webkit 1.3.4-2 Versions of packages konqueror suggests: ii konq-plugins 4:15.08.3-1 -- no debconf information