[SM-imapproxy] Vulnerability for X509 Certificate Verification

Discussion:

Jerry Zhang

2014-10-16 15:21:39 UTC

Hello,

We are a research group trying to use static analysis to find the unsafe usage of APIs.
Could you please take a look at vulnerability about imapproxy?
https://bugs.launchpad.net/ubuntu/+source/up-imapproxy/+bug/1374729

Thanks,
Jerry

Emmanuel Dreyfus

2014-10-16 17:22:08 UTC

Permalink

Post by Jerry Zhang
We are a research group trying to use static analysis to find the unsafe
usage of APIs. Could you please take a look at vulnerability about
imapproxy?

I understand the code to verify the certificate is there, but it always
return success, even if it logs something wrong.

--
Emmanuel Dreyfus
http://hcpnet.free.fr/pubz
***@netbsd.org

1 Reply
1 View
Permalink to this page
Disable enhanced parsing

Thread Navigation

Jerry Zhang 2014-10-16 15:21:39 UTC

Emmanuel Dreyfus 2014-10-16 17:22:08 UTC

about - legalese