Package: elinks
Version: 0.12~pre6-12
Tags: elinks, browser, ssl, certificate, verification

Certificate verification is disabled by default.

To protect users against malicious websites using fake certificates,
certificate verification has to be enabled by default.

This issue can be spotted when opening elinks and navigating through
Menu -> Setup -> Option Manager -> Connections -> SSL -> Verify
Certificates. Click 'Info' button to find the default value of the
option (cert_verify), which is zero (disabled).

Tested on Debian Stretch, with today's latest updates.

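An added example, not part of the original report or of the ELinks project: a shell check that reads an ELinks configuration file and reports whether certificate verification is switched on, as an alternative to clicking through the Option Manager. The `set connection.ssl.cert_verify = <0|1>` syntax, the last-assignment-wins rule and the function names are assumptions; the default of 0 is the one stated in the report.

```shell
#!/bin/sh
# Added example: audit the cert_verify option in an ELinks config file.
# Assumption: options are written as "set connection.ssl.cert_verify = <0|1>"
# and a later assignment overrides an earlier one.

# cert_verify_state FILE -> prints "enabled", "disabled" or "unset"
cert_verify_state() {
    conf=$1
    [ -r "$conf" ] || { echo unset; return 0; }
    # Strip comments, keep only matching assignments, take the last one.
    value=$(sed -e 's/#.*$//' "$conf" |
        sed -n -E 's/^[[:space:]]*set[[:space:]]+connection\.ssl\.cert_verify[[:space:]]*=[[:space:]]*([0-9]+)[[:space:]]*$/\1/p' |
        tail -n 1)
    case $value in
        '') echo unset ;;
        0)  echo disabled ;;
        *)  echo enabled ;;
    esac
}

# audit_cert_verify FILE -> returns 0 only when verification is explicitly on
audit_cert_verify() {
    state=$(cert_verify_state "$1")
    case $state in
        enabled)
            echo "$1: certificate verification enabled"
            return 0 ;;
        disabled)
            echo "$1: certificate verification explicitly disabled"
            return 1 ;;
        *)
            # No assignment found: the default reported above (0) applies.
            echo "$1: cert_verify not set, default (0, disabled) applies"
            return 1 ;;
    esac
}

# Constructed sample config: the second "set" overrides the first.
sample=$(mktemp)
printf '%s\n' '# constructed sample' \
    'set connection.ssl.cert_verify = 1' \
    'set connection.ssl.cert_verify = 0  # re-disabled later' > "$sample"
audit_cert_verify "$sample" || true
rm -f "$sample"
```

Point `audit_cert_verify` at the per-user configuration file (typically `~/.elinks/elinks.conf`); a file with no assignment is reported as relying on the disabled default.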