Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Wed, 20 Aug 2014 12:27:02 -0400 (EDT)
From: Arun Babu Neelicattu <>
Subject: CVE Request: Multiple issues in com.ning:async-http-client


We noticed these issues were filed upstream and were never assigned 
CVE(s). Can we please get CVE(s) assigned to the following issues 

1. async-http-client: SSL/TLS certificate verification disabled

2. async-http-client: No SSL HostName verification

Arun Neelicattu / Red Hat Product Security
PGP: 0xC244393B 5229 F596 474F 00A1 E416  CF8B 36F5 5054 C244 393B

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ