httplib2 vulnerability

2012-02-27T00:00:00
ID USN-1375-1
Type ubuntu
Reporter Ubuntu
Modified 2012-02-27T00:00:00

Description

The httplib2 Python library earlier than version 0.7.0 did not perform any server certificate validation when using HTTPS connections. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to alter or compromise confidential information in applications that used the httplib2 library.