Ubuntu
ubuntuone-storage-protocol package

  1. Bug #882062
  2. Comment #27

Comment 27 for bug 882062

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package ubuntuone-storage-protocol - 3.0.0-0ubuntu1.1

---------------
ubuntuone-storage-protocol (3.0.0-0ubuntu1.1) precise-security; urgency=low

  * SECURITY UPDATE: MITM via incorrect ssl cert validation (LP: #882062)
    - debian/patches/CVE-2011-4409.patch: validate hostname in
      ubuntuone/storageprotocol/context.py, add test to
      tests/test_context.py.
    - CVE-2011-4409
 -- Marc Deslauriers <email address hidden> Tue, 29 May 2012 13:58:05 -0400