You are viewing a plain text version of this content. The canonical link for it is here.
Posted to wagon-dev@maven.apache.org by "Brett Porter (JIRA)" <ji...@codehaus.org> on 2005/10/10 16:30:12 UTC
[jira] Closed: (WAGONSSH-12) wagon-ssh is vulnerable to man in the middle attacks
[ http://jira.codehaus.org/browse/WAGONSSH-12?page=all ]
Brett Porter closed WAGONSSH-12:
--------------------------------
Assign To: Brett Porter
Resolution: Fixed
this took quite some applying :)
I fully componentised it and shuffled a few things around. Let me know what you think.
> wagon-ssh is vulnerable to man in the middle attacks
> ----------------------------------------------------
>
> Key: WAGONSSH-12
> URL: http://jira.codehaus.org/browse/WAGONSSH-12
> Project: wagon-ssh
> Type: Bug
> Reporter: Juan F. Codagnone
> Assignee: Brett Porter
> Priority: Critical
> Fix For: 1.0-alpha-5
> Attachments: WAGON-SSH-12.diff
>
>
> There is no way to handle known hosts/fingerprints in wagon-ssh.
> ¡Encryption without knowing who you are talking with has no fun!
> i will try to provide a patch
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: wagon-dev-unsubscribe@maven.apache.org
For additional commands, e-mail: wagon-dev-help@maven.apache.org