Bugzilla – Bug 852784
VUL-2: CVE-2013-6396: python-swiftclient: SSL certificate verification security issue
Last modified: 2016-10-20 10:23:15 UTC
CVE-2013-6396 Python-swiftclient fails to properly verify the server SSL certificates, which can be exploited by malicious people to conduct spoofing attacks via MitM (Man in the Middle attacks) and possibly leading to disclosure of sensitive information. References: https://bugs.gentoo.org/show_bug.cgi?id=491368 https://bugs.launchpad.net/python-swiftclient/+bug/1199783 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6396 https://bugzilla.redhat.com/show_bug.cgi?id=1031652
The SWAMPID for this issue is 55265. This issue was rated as moderate. Please submit fixed packages until 2013-12-12. When done, please reassign the bug to security-team@suse.de. Patchinfo will be handled by security team.
bugbot adjusting priority
Ok, sounds something for a VUL-2 tag. I hope its tracked somewhere in the Cloud 3 roadmap then so this issue is not forgotten about.
hi any news related with this issue? is that already fixed?
fixed in current versions of cloud