Skip to content

Ensure the ssl-use-system-ca-file property is set to true on all SoupSessions.

Ariadne Conill requested to merge kaniini/libgrss:cve-2016-20011 into master

The default SoupSessionSync and SoupSessionAsync behaviour does not perform any TLS certificate validation, unless the ssl-use-system-ca-file property is set to true.

This mitigates CVE-2016-20011.

Closes #4.

Edited by Ariadne Conill

Merge request reports