do-plugins team mailing list archive

Thread
Date

[Bug 323364] [NEW] Microblogging Plugin authenticates to Twitter over clear text

To: do-plugins@xxxxxxxxxxxxxxxxxxx
From: Ben Hagen <benhagen@xxxxxxxxx>
Date: Fri, 30 Jan 2009 21:35:13 -0000
Reply-to: Bug 323364 <323364@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

*** This bug is a security vulnerability ***

Private security bug reported:

Running version v1.0 of the Microblogging plugin (from source). I
noticed it authenticating to Twitter (via HTTP basic authentication)
over clear text. I believe Twitter accepts SSL authentications which
should be the preferred method.

** Affects: do-plugins
     Importance: Undecided
         Status: New

-- 
Microblogging Plugin authenticates to Twitter over clear text
https://bugs.launchpad.net/bugs/323364
You received this bug notification because you are a member of GNOME Do
Plugins Team, which is a direct subscriber.

Follow ups

[Bug 323364] Re: Microblogging Plugin authenticates to Twitter over clear text
From: Chris Halse Rogers, 2011-02-07
[Bug 323364] Re: Microblogging Plugin authenticates to Twitter over clear text
From: Alex Launi, 2009-08-16
[Bug 323364] Re: Microblogging Plugin authenticates to Twitter over clear text
From: Alex Launi, 2009-06-29
[Bug 323364] Re: Microblogging Plugin authenticates to Twitter over clear text
From: Alex Launi, 2009-03-02
[Bug 323364] Re: Microblogging Plugin authenticates to Twitter over clear text
From: Chris S., 2009-02-12
[Bug 323364] [NEW] Microblogging Plugin authenticates to Twitter over clear text
From: Ben Hagen, 2009-01-30

References

[Bug 323364] [NEW] Microblogging Plugin authenticates to Twitter over clear text
From: Ben Hagen, 2009-01-30