Comment 33 for bug 882062

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package ubuntuone-storage-protocol - 1.2.0-0ubuntu1.1

---------------
ubuntuone-storage-protocol (1.2.0-0ubuntu1.1) lucid-security; urgency=low

  * SECURITY UPDATE: MITM via incorrect ssl cert validation (LP: #882062)
    - debian/patches/CVE-2011-4409.patch: validate hostname in
      ubuntuone/storageprotocol/context.py, add test to
      tests/test_context.py.
    - CVE-2011-4409
 -- Marc Deslauriers <email address hidden> Tue, 29 May 2012 15:46:00 -0400