From kde-devel  Mon Aug 12 17:57:27 2002
From: dep <dep () linuxandmain ! com>
Date: Mon, 12 Aug 2002 17:57:27 +0000
To: kde-devel
Subject: Re: SECURITY: Konqueror SSL Vulnerability
X-MARC-Message: https://marc.info/?l=kde-devel&m=102917521529781

begin  Waldo Bastian's  quote:
| Konqueror (kssl to be precisely) fails to detect certificates as
| invalid that have been signed by an issuer who is not allowed to do
| so. A patch for this problem has been commited to both the CVS HEAD
| branch and the KDE_3_0_BRANCH.

question: is it known when this vulnerability was introduced? if it 
was before kde-3.x, will there be patches made available for earlier 
versions?
-- 
dep

http://www.linuxandmain.com -- outside the box, barely within the 
envelope, and no animated paperclip anywhere.
 
>> Visit http://mail.kde.org/mailman/listinfo/kde-devel#unsub to unsubscribe <<