Package: konqueror Version: 4:4.3.4-1 Severity: normal Most web browsers show a lock and/or change the address bar to indicate that an https site has been connected to via TLS. konqueror shows (afaict) a green shield with a check-mark. Fair enough.
But other browsers also indicate a "broken lock" or something similar when an https page sources plain http content (e.g. in an img, stylesheet, or script). This is to indicate to the user (who can't tell which pieces of content are served over encrypted channels and which ones are exposed in transit) that the rendered page is not entirely confidential communication. Konqueror does not display this state to the user, so konqueror users are vulnerable to data being sent in the clear without their knowledge. Thanks for maintaining konqueror in debian, --dkg -- System Information: Debian Release: squeeze/sid APT prefers testing APT policy: (500, 'testing'), (200, 'unstable'), (1, 'experimental') Architecture: i386 (i686) Kernel: Linux 2.6.32-5-686 (SMP w/1 CPU core) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages konqueror depends on: ii install-info 4.13a.dfsg.1-5 Manage installed documentation in ii kdebase-bin 4:4.3.4-1 core binaries for the KDE 4 base m ii kdebase-data 4:4.3.4-1 shared data files for the KDE 4 ba ii kdebase-runtime 4:4.3.4-2 runtime components from the offici ii kdelibs5 4:4.3.4-3 core libraries for all KDE 4 appli ii libc6 2.10.2-6 Embedded GNU C Library: Shared lib ii libkonq5 4:4.3.4-1 core libraries for Konqueror ii libkonqsidebarplugin4 4:4.3.4-1 Konqueror sidebar plugin library ii libqt4-dbus 4:4.6.2-4 Qt 4 D-Bus module ii libqt4-qt3support 4:4.6.2-4 Qt 3 compatibility library for Qt ii libqt4-xml 4:4.6.2-4 Qt 4 XML module ii libqtcore4 4:4.6.2-4 Qt 4 core module ii libqtgui4 4:4.6.2-4 Qt 4 GUI module ii libstdc++6 4.4.2-9 The GNU Standard C++ Library v3 ii libx11-6 2:1.3.3-3 X11 client-side library Versions of packages konqueror recommends: ii dolphin 4:4.3.4-1 file manager for KDE 4 ii konqueror-nsplugins 4:4.3.4-1 Netscape plugin support for Konque Versions of packages konqueror suggests: pn konq-plugins <none> (no description available) -- no debconf information -- To UNSUBSCRIBE, email to debian-qt-kde-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20100505211146.6083.14966.report...@localhost.localdomain