You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@cloudstack.apache.org by GitBox <gi...@apache.org> on 2021/02/06 10:30:36 UTC

[GitHub] [cloudstack] DaanHoogland commented on issue #4590: Customized HostnameVerifier bypasses the hostname verification

DaanHoogland commented on issue #4590:
URL: https://github.com/apache/cloudstack/issues/4590#issuecomment-774443402


   @dingelish I do agree, and I would like to schedule work on this, that's why I didn't close the issue. The problem is that someone has to pick it up and address it. Not having an exploit lowers the incentive for people to address it, so if you have run into this issue please add it here. A message on stderr is not going to mean much in a multi machine system like this, i think. I do not have good alternative but a red flag on the ui when a ROOT admin logs in might be an option.


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org