[Pidgin] #3381: XMPP TLS and (old) SSL man-in-the-middle attack
Pidgin
trac at pidgin.im
Fri Aug 1 22:48:52 EDT 2008
#3381: XMPP TLS and (old) SSL man-in-the-middle attack
-------------------------+--------------------------------------------------
Reporter: bluefoxicy | Owner: wehlhard
Type: defect | Status: new
Priority: minor | Milestone:
Component: XMPP | Version: 2.2.0
Resolution: | Keywords:
Pending: 0 |
-------------------------+--------------------------------------------------
Comment (by LouCipher):
Currently Pidgin still accepts any TLS certificate without checking. This
is a major security misfeature.
Would it be possible to increase the severity to blocker and schedule it
for the next point release?
--
Ticket URL: <http://developer.pidgin.im/ticket/3381#comment:4>
Pidgin <http://pidgin.im>
Pidgin
More information about the Tracker
mailing list