[wget-notify] [bug #20421] wget: missing a check for Subject
Alternative Name (TLS cert.)
NoèlKöthe
INVALID.NOREPLY at gnu.org
Mon Jul 9 14:44:51 PDT 2007
URL:
<http://savannah.gnu.org/bugs/?20421>
Summary: wget: missing a check for Subject Alternative Name
(TLS cert.)
Project: GNU Wget
Submitted by: nok
Submitted on: Montag 09.07.2007 um 23:44
Category: User Interface
Severity: 3 - Normal
Status: None
Privacy: Public
Assigned to: None
Originator Name:
Originator Email:
Open/Closed: Open
Discussion Lock: Any
Release: 1.10.2
Operating System: GNU/Linux
Reproducibility: Every Time
Fixed Release: None
Planned Release: None
Regression: None
Work Required: None
Patch Included: No
_______________________________________________________
Details:
Hello,
a forwarded bug from http://bugs.debian.org/409938
"When accessing an https server, wget does not appear to check the
Subject Alternative Name field of the server certificate and in cases where
wget is connecting to a name listed in that field, wget
declines to connect to the server without the --no-check-certificate option,
which should not be necessary in this case.
A similar problem has been fixed in fetchmail, and Debian bug report #201113
may contain useful information."
You can access the mentioned bug via http://bugs.debian.org/201113
thx.
noel at d.o
_______________________________________________________
Reply to this item at:
<http://savannah.gnu.org/bugs/?20421>
_______________________________________________
Nachricht geschickt von/durch Savannah
http://savannah.gnu.org/
More information about the wget-notify
mailing list