Ubuntu Security Notice 1948-1 - It was discovered that httplib2 only validated SSL certificates on the first request to a connection, and didn't report validation failures on subsequent requests. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could possibly be exploited in certain scenarios to alter or compromise confidential information in applications that used the httplib2 library.
9a52785ec4e2cc7f14626c006c99565fa97fdc8e6944fa72227aa037f067d433
Mandriva Linux Security Advisory 2013-168 - httplib2 only validates SSL certificates on the first request to a connection, and doesn't report validation failures on subsequent requests.
3d461ed982ce73f57f0d9db3030c1093c61471b0bd761aa4a87ccc6a3d04a5e6