debconf and documentation should mention lack of SSL
Bug #862567 reported by
Jamie Strandboge
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
cobbler-enlist (Ubuntu) |
Fix Released
|
High
|
Dave Walker | ||
Oneiric |
Fix Released
|
High
|
Dave Walker |
Bug Description
During the review of cobbler-enlist, it was noted that cobbler-enlist doesn't use SSL. This should be documented as such:
- adjusting the already existing debconf questions/notes to include language that the information is currently submitted in unencrypted form (and a way to abort)
- add language to the --help text that the information is currently submitted in unencrypted form
- add a manpage which among other things includes language that the information is currently submitted in unencrypted form
- add text to README.Debian explaining the lack of SSL, language that the information is currently submitted in unencrypted form and a reference to bug #833994
Related branches
security vulnerability: | yes → no |
visibility: | private → public |
Changed in cobbler-enlist (Ubuntu Oneiric): | |
status: | New → Triaged |
importance: | Undecided → High |
assignee: | nobody → Dave Walker (davewalker) |
milestone: | none → ubuntu-11.10 |
tags: | added: server-o-rs |
To post a comment you must log in.
This bug was fixed in the package cobbler-enlist - 0.2-1
---------------
cobbler-enlist (0.2-1) oneiric; urgency=low
* debian/ cobbler- enlist- udeb.templates: Updated warning-note template to cobbler- enlist- udeb.postinst: Provided speech-marks for execute cobbler- enlist. README. Debian: Initial document, including warning
provide details, and a warning. (LP: #862567)
* debian/
stanza.
* debian/
that enlistment is sent without encryption. (LP: #862567)
-- Dave Walker (Daviey) <email address hidden> Wed, 28 Sep 2011 00:43:36 +0100