** Project changed: software-center => libsoup -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to software-center in Ubuntu. https://bugs.launchpad.net/bugs/874242
Title: Re: "Single sign on page doesn't look secure" --> well it isn't :> Status in Soup HTTP Library: Won't Fix Status in “software-center” package in Ubuntu: Fix Released Bug description: So the new ubuntu came out (11.10) (well done!) and I decided to play with the new ubuntu store software manager program. So it turns out that previously a bug was reported saying that "Single sign on page doesn't look secure", https://bugs.launchpad.net/ubuntu/+source/software-center/+bug/637649, well... guess what? it isn't "secure tm" I placed an entry in /etc/hosts to redirect login.ubuntu.com to the address of an ISP and attempted to "buy a piece of software" via the ubuntu software center ... well instead of viewing the login.ubuntu.com page I got the ISP's web page ... I haven't reviewed the code yet, but I doubt the code is doing sufficient ssl validation ... tldr: this is a bad thing because user's who expect to login to ubuntu safely(with ssl :) ) and buy software are at risk. To manage notifications about this bug go to: https://bugs.launchpad.net/libsoup/+bug/874242/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : [email protected] Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
