diff options
author | Aldo Cortesi <aldo@nullcube.com> | 2012-01-21 14:26:36 +1300 |
---|---|---|
committer | Aldo Cortesi <aldo@nullcube.com> | 2012-01-21 14:26:36 +1300 |
commit | c6150cc1980ecb38264994797deb08a5185445f8 (patch) | |
tree | 5c3b6e0f59326b5f716f05b3a18aed6b43658605 /libmproxy/controller.py | |
parent | d5e3722c97c2094032fe02095c3b8f7cb4df87c3 (diff) | |
download | mitmproxy-c6150cc1980ecb38264994797deb08a5185445f8.tar.gz mitmproxy-c6150cc1980ecb38264994797deb08a5185445f8.tar.bz2 mitmproxy-c6150cc1980ecb38264994797deb08a5185445f8.zip |
Address an issue that allows a malicious client to place certificate files in arbitrary directories.
Thanks to David Black (disclosure@d1b.org) for pointing this out.
Diffstat (limited to 'libmproxy/controller.py')
-rw-r--r-- | libmproxy/controller.py | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/libmproxy/controller.py b/libmproxy/controller.py index 67ce2460..7607d6d6 100644 --- a/libmproxy/controller.py +++ b/libmproxy/controller.py @@ -1,15 +1,15 @@ # Copyright (C) 2010 Aldo Cortesi -# +# # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. -# +# # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. -# +# # You should have received a copy of the GNU General Public License # along with this program. If not, see <http://www.gnu.org/licenses/>. |