-
### Component
Dasharo Tools Suite
### Device
other
### Dasharo version
_No response_
### Dasharo Tools Suite version
v2.0.0-rc*
### Test case ID
_No response_
### Brief summary
DTS CI fails…
-
Using evergreen language helps making the documentation feel up to date, or at least not feel outdated.
There may be many places where we're currently mentioning particular versions of Leaflet, leg…
-
The provided files do not have published checksums to validate the file contents, it would be good to have a checksum provided as a mitigating measure in case someone does a Man-in-the-Middle attack o…
-
When an openssl-3.0 client wants to support brainpool server certificates,
but also allow TLS1.3 with RSA certificates, everything works fine, when
both client and server enable brainpool groups, in…
-
Veracode Software Composition Analysis
===============================
Attribute | Details
| --- | --- |
Library | HttpClient
Description | The HttpClient component supports the client-sid…
-
**Plain_Text_Transport_Layer_in_Server** issue exists @ **server/main.go** in branch **master**
*The application starts a server using main, in server\main.go at line 27. This server will listen an…
-
**Is your feature request related to a problem? Please describe.**
Yes, the current implementation of the MS ODBC Driver in `wren-engine` enforces server certificate validation by default. This defau…
-
At present, the receiver is not verifying the quorums' as well as sender's signature. If a receiver does not verify the sender's signature and quorums' signatures, several security and integrity issue…
-
Most client/server architectures are vulnerable to man-in-the-middle attacks, which allow snooping, cookie stealing, replay attacks, etc., even if the client and server communicate using TLS.
This …
-
This is a bit of a Flatpak issue regarding trusted certificate stores. I run my own CA trusted by everything in Linux, but Flatpak apps never trust the CA because it uses its own store. Perhaps an opt…