Inicio » Trisquel mini » Incidencias
Enviado por trinux o Sáb, 07/23/2016 - 20:04

Midori, default browser on Mini, is insecure

Proxecto:Trisquel mini
Versión:7.0
Componente:Code
Categoría:informe de erro
Prioridade:critical
Asignado:Sen asignar
Estado:active
Descrición

From upstream:

https://blogs.gnome.org/mcatanzaro/2016/02/01/on-webkit-security-updates/

"Ubuntu releases WebKitGTK+ updates somewhat inconsistently. For instance, Ubuntu 14.04 came with WebKitGTK+ 2.4.0. 2.4.8 is available via updates, but even though 2.4.9 was released upstream over eight months ago, it has not yet been released as an update for Ubuntu 14.04."

[...]

"Ubuntu organizes its software into various repositories, and provides security support only to software in the main repository. This version of WebKitGTK+ is in Ubuntu’s “universe” repository, not in main, so it is excluded from security support."

Mangy Dog:
Dom, 07/24/2016 - 22:45

The result of
https://www.howsmyssl.com/
Your SSL client is Bad.

Insecure Cipher Suites
Bad Your client supports cipher suites that are known to be insecure:

TLS_DHE_DSS_WITH_RC4_128_SHA: This cipher uses RC4 which has insecure biases in its output.
TLS_RSA_WITH_RC4_128_MD5: This cipher uses RC4 which has insecure biases in its output.
TLS_RSA_WITH_RC4_128_SHA: This cipher uses RC4 which has insecure biases in its output.

midori 0.5.11 Trisquel-Mini-7