search

openSUSE / obs-service-download_files

An OBS source service: download files
GNU General Public License v2.0
8 stars 23 forks source link

security: ssl ca verification disabled #19

Closed msmeissn closed 7 years ago

msmeissn commented 7 years ago

https://bugzilla.suse.com/show_bug.cgi?id=1053984

the wget call is done default with SSL verification disabled.

This should only be optional, and SSL verification should be default on.

(Just a small step for security.)

adrianschroeter commented 7 years ago

Done in commit 50fa599d0d947e460b5cd780ff4f25b078154e66, needs a bit more testing