-
git://Stefan Hajnoczi authored
When you clone the repository without previous commit history, 'git://' doesn't protect from man-in-the-middle attacks. HTTPS is more secure since the client verifies the server certificate. Reported-by: Jann Horn <jannh@google.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com> Reviewed-by: Alex Bennée <alex.bennee@linaro.org> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Reviewed-by: Cornelia Huck <cohuck@redhat.com> Message-id: 20181108111531.30671-2-stefanha@redhat.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
c814b177