On Thu, Jul 23, 2015 at 03:57:27PM +0000, Eren Yagdiran wrote: [..snip..] > +def get_url(server, path, headers): > + url = "https://"; + server + path > + debug(" Fetching %s..." % url) > + > + req = urllib2.Request(url=url) This does not seem to do any certificate validation (just in case this ends up in a distro's /usr/bin/ I can already see the CVE forthcoming). Cheers, -- Guido -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list