[ubuntu/intrepid-security] irssi (delayed), irssi 0.8.12-4ubuntu2.2 (Accepted)

Ubuntu Installer archive at ubuntu.com
Fri Apr 16 00:03:36 BST 2010


irssi (0.8.12-4ubuntu2.2) intrepid-security; urgency=low

  * SECURITY UPDATE: perform certificate host validation
    - debian/patches/91_CVE-2010-1155.patch: adjust to verify hostname against
      CN. Also use one SSL_CTX per connection and use default trusted CAs if
      nothing specified.
    - CVE-2010-1155
  * SECURITY UPDATE: fix crash when checking for fuzzy nick match when not on
    the channel
    - debian/patches/91_CVE-2010-1156.patch: verify channel is non-NULL in
      src/core/nicklist.c
    - CVE-2010-1156
  * debian/patches/92_disable_sslv2.patch: do not use SSLv2 protocol

Date: Wed, 14 Apr 2010 15:15:07 -0500
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/intrepid/+source/irssi/0.8.12-4ubuntu2.2
-------------- next part --------------
Format: 1.8
Date: Wed, 14 Apr 2010 15:15:07 -0500
Source: irssi
Binary: irssi irssi-dev
Architecture: source
Version: 0.8.12-4ubuntu2.2
Distribution: intrepid-security
Urgency: low
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Description: 
 irssi      - terminal based IRC client
 irssi-dev  - text-mode version of the irssi IRC client development files
Changes: 
 irssi (0.8.12-4ubuntu2.2) intrepid-security; urgency=low
 .
   * SECURITY UPDATE: perform certificate host validation
     - debian/patches/91_CVE-2010-1155.patch: adjust to verify hostname against
       CN. Also use one SSL_CTX per connection and use default trusted CAs if
       nothing specified.
     - CVE-2010-1155
   * SECURITY UPDATE: fix crash when checking for fuzzy nick match when not on
     the channel
     - debian/patches/91_CVE-2010-1156.patch: verify channel is non-NULL in
       src/core/nicklist.c
     - CVE-2010-1156
   * debian/patches/92_disable_sslv2.patch: do not use SSLv2 protocol
Checksums-Sha1: 
 19b7879bf63edd0edc42bbdd35a5612ca549b127 1391 irssi_0.8.12-4ubuntu2.2.dsc
 9d70e3e58556939d69245ca22f85f838d7e06760 22949 irssi_0.8.12-4ubuntu2.2.diff.gz
Checksums-Sha256: 
 82e9b47ea27c0bc333cad5af9e00fbed712feee86a549f14e7598d6a8e1a5f32 1391 irssi_0.8.12-4ubuntu2.2.dsc
 45dc995996112cb45e451aaa6e663f6fc6a209b8d50bd348211402b130648440 22949 irssi_0.8.12-4ubuntu2.2.diff.gz
Files: 
 c447723cf0848e4494b966a88a07ed6d 1391 net optional irssi_0.8.12-4ubuntu2.2.dsc
 05b1027b8cbc7893794a86a1ce3c9477 22949 net optional irssi_0.8.12-4ubuntu2.2.diff.gz
Original-Maintainer: David Pashley <david at davidpashley.com>


More information about the Intrepid-changes mailing list