Issue 825797 link

Starred by 1 user

Issue metadata

Status:	WontFix
Owner:	----
Closed:	Mar 2018
Cc:	no...@chromium.org
Components:	Infra>Platform>Buildbot
EstimatedDays:	----
NextAction:	----
OS:	----
Pri:	2
Type:	Bug-Security
allpublic Via-Wizard-Security

private key discloser

Reported by akku.adl...@gmail.com, Mar 26 2018

Issue description

Steps to reproduce the problem:
1. 
2. Go to website givenbelow
3. https://chromium.googlesource.com/chromium/src/+/584cd5cbd7be997400ccb8db24ae5410b0b88117/third_party/buildbot/pylibs/twisted/test/server.pem

What is the expected behavior?
Its a private key and publically open

What went wrong?
Same as above

Did this work before? Yes 6

Chrome version: 59.0.3071.117  Channel: n/a
OS Version: 6.0
Flash Version: Shockwave Flash 29.0 r0

Comment 1 by cthomp@chromium.org, Mar 26 2018

Components: Infra>Platform>Buildbot
Labels: -OS-Android
Status: WontFix (was: Unconfirmed)

These are test certificates that are shipped by the twisted python library (https://github.com/twisted/twisted/blob/trunk/src/twisted/test/key.pem.no_trailing_newline). These are not used for production services in buildbot. I believe they may be used for some tests, but likely they are simply an artifact of vendoring in the third party library.

Project Member

Comment 2 by sheriffbot@chromium.org, Jul 3

Labels: -Restrict-View-SecurityTeam allpublic

This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

►

Issue 825797 link

Issue metadata

private key discloser

Issue description

Comment 1 by cthomp@chromium.org, Mar 26 2018

Comment 1 Deleted

Comment 2 by sheriffbot@chromium.org, Jul 3

Comment 2 Deleted

Sign in to add a comment