[ubuntu/bionic-security] glib-networking 2.56.0-1ubuntu0.1 (Accepted)
Alex Murray
alex.murray at canonical.com
Mon Jun 29 01:35:50 UTC 2020
glib-networking (2.56.0-1ubuntu0.1) bionic-security; urgency=medium
* SECURITY UPDATE: Failure to validate TLS certificate hostname in
certain conditions, contrary to documented behaviour
- debian/patches/CVE-2020-13645.patch: Fail certificate verification
when the server identity is missing. Based on upstream patch.
- debian/patches/update-test-certs-for-gnutls.patch: Update the
certificates used for unit test. Taken from upstream.
- debian/patches/allow-insecure-md2-cert-in-test.patch: Allow insecure
md2 certificate to used for one unit test. Taken from upstream.
- CVE-2020-13645
Date: 2020-06-25 06:47:21.184768+00:00
Changed-By: Alex Murray <alex.murray at canonical.com>
https://launchpad.net/ubuntu/+source/glib-networking/2.56.0-1ubuntu0.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Bionic-changes
mailing list