https://bugzilla.redhat.com/show_bug.cgi?id=1093273
--- Doc Text *updated* by Chess Hazlett <chazlett(a)redhat.com> ---
It was found that the ServerTrustManager in the Smack XMPP API did not verify
basicConstraints and nameConstraints in X.509 certificate chains. A man-in-the-middle
attacker could use this flaw to spoof servers and obtain sensitive information.
--
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug
https://bugzilla.redhat.com/token.cgi?t=vVCGMZoc5U&a=cc_unsubscribe