Security: missing TLS certificate verification in Faye, faye-websocket
41 views
Skip to first unread message
James Coglan
Jul 31, 2020, 12:51:01 PM7/31/20
to faye-...@googlegroups.com
Hi folks,
We have just released patches for the Ruby WebSocket implementation in
Faye, which was lacking an implementation of TLS certificate
verification. In addition to the same fix recently being made to
em-http-request, that means Faye can now enable this feature by
default.
Full details are here:
https://blog.jcoglan.com/2020/07/31/missing-tls-verification-in-faye/
Do please get in touch if you have any questions.
Best wishes,
James
We have just released patches for the Ruby WebSocket implementation in
Faye, which was lacking an implementation of TLS certificate
verification. In addition to the same fix recently being made to
em-http-request, that means Faye can now enable this feature by
default.
Full details are here:
https://blog.jcoglan.com/2020/07/31/missing-tls-verification-in-faye/
Do please get in touch if you have any questions.
Best wishes,
James
Reply all
Reply to author
Forward
0 new messages