On Thu, 8 Nov 2018 11:15:24 +0000 Stefan Hajnoczi <stefa...@redhat.com> wrote:
> When you clone the repository without previous commit history, 'git://' > doesn't protect from man-in-the-middle attacks. HTTPS is more secure > since the client verifies the server certificate. > > Reported-by: Jann Horn <ja...@google.com> > Reviewed-by: Daniel P. Berrangé <berra...@redhat.com> > Reviewed-by: Philippe Mathieu-Daudé <phi...@redhat.com> > Tested-by: Philippe Mathieu-Daudé <phi...@redhat.com> > Reviewed-by: Alex Bennée <alex.ben...@linaro.org> > Signed-off-by: Stefan Hajnoczi <stefa...@redhat.com> > --- > README | 4 ++-- > pc-bios/README | 4 ++-- > 2 files changed, 4 insertions(+), 4 deletions(-) Reviewed-by: Cornelia Huck <coh...@redhat.com>