Proxecto: | Trisquel mini |
Versión: | 7.0 |
Componente: | Code |
Categoría: | informe de erro |
Prioridade: | critical |
Asignado: | Sen asignar |
Estado: | active |
From upstream:
https://blogs.gnome.org/mcatanzaro/2016/02/01/on-webkit-security-updates/
"Ubuntu releases WebKitGTK+ updates somewhat inconsistently. For instance, Ubuntu 14.04 came with WebKitGTK+ 2.4.0. 2.4.8 is available via updates, but even though 2.4.9 was released upstream over eight months ago, it has not yet been released as an update for Ubuntu 14.04."
[...]
"Ubuntu organizes its software into various repositories, and provides security support only to software in the main repository. This version of WebKitGTK+ is in Ubuntu’s “universe” repository, not in main, so it is excluded from security support."
The result of
https://www.howsmyssl.com/
Your SSL client is Bad.
Insecure Cipher Suites
Bad Your client supports cipher suites that are known to be insecure:
TLS_DHE_DSS_WITH_RC4_128_SHA: This cipher uses RC4 which has insecure biases in its output.
TLS_RSA_WITH_RC4_128_MD5: This cipher uses RC4 which has insecure biases in its output.
TLS_RSA_WITH_RC4_128_SHA: This cipher uses RC4 which has insecure biases in its output.
midori 0.5.11 Trisquel-Mini-7