linux-distros - [vs-plain] [EMBARGOED] CVE-2013-2073 transifex-client: Does not validate HTTPS server certificate (CRD = 2013-05-22 12:00 UTC time)

Message-ID: <126952454.3344011.1368809545964.JavaMail.root@redhat.com>
Date: Fri, 17 May 2013 12:52:25 -0400 (EDT)
From: Jan Lieskovsky <jlieskov@...hat.com>
To: Operating system distro security contacts <distros@...openwall.org>
CC: Apostolis Bessas <mpessas@...nsifex.com>,        Ilias Vrachnis
 <vid@...nsifex.com>, Radek Vokal <rvokal@...hat.com>,        Florian
 Weimer <fweimer@...hat.com>
Subject: [vs-plain] [EMBARGOED] CVE-2013-2073 transifex-client: Does not
 validate HTTPS server certificate (CRD = 2013-05-22 12:00 UTC time)

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.