[ubuntu/bionic-updates] glib-networking 2.56.0-1ubuntu0.1 (Accepted)

[Ubuntu Archive Robot]

glib-networking (2.56.0-1ubuntu0.1) bionic-security; urgency=medium

  * SECURITY UPDATE: Failure to validate TLS certificate hostname in
    certain conditions, contrary to documented behaviour
    - debian/patches/CVE-2020-13645.patch: Fail certificate verification
      when the server identity is missing. Based on upstream patch.
    - debian/patches/update-test-certs-for-gnutls.patch: Update the
      certificates used for unit test. Taken from upstream.
    - debian/patches/allow-insecure-md2-cert-in-test.patch: Allow insecure
      md2 certificate to used for one unit test. Taken from upstream.
    - CVE-2020-13645

Date: 2020-06-25 06:47:21.184768+00:00
Changed-By: Alex Murray <alex.murray at canonical.com>
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
https://launchpad.net/ubuntu/+source/glib-networking/2.56.0-1ubuntu0.1
-------------- next part --------------
Sorry, changesfile not available.