[ubuntu/natty-security] ubuntuone-client, ubuntuone-client_1.6.2-0ubuntu2.1_amd64_translations.tar.gz, ubuntuone-client_1.6.2-0ubuntu2.1_i386_translations.tar.gz, ubuntuone-client_1.6.2-0ubuntu2.1_armel_translations.tar.gz, ubuntuone-client_1.6.2-0ubuntu2.1_powerpc_translations.tar.gz 1.6.2-0ubuntu2.1 (Accepted)
Marc Deslauriers
marc.deslauriers at ubuntu.com
Wed Jun 6 13:34:33 UTC 2012
ubuntuone-client (1.6.2-0ubuntu2.1) natty-security; urgency=low
* SECURITY UPDATE: MITM via incorrect ssl cert validation (LP: #882062)
- debian/patches/CVE-2011-4409.patch: use pycurl instead of urllib2 and
send hostname for validation in ubuntuone/syncdaemon/action_queue.py,
use correct URL in data/syncdaemon.conf, use pycurl instead of
urllib2 in tests/syncdaemon/test_action_queue.py.
- debian/control: bump python-ubuntuone-storageprotocol and
ubuntu-sso-client dependencies to security updates.
- CVE-2011-4409
Date: Tue, 29 May 2012 15:39:24 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/natty/+source/ubuntuone-client/1.6.2-0ubuntu2.1
-------------- next part --------------
Format: 1.8
Date: Tue, 29 May 2012 15:39:24 -0400
Source: ubuntuone-client
Binary: ubuntuone-client ubuntuone-client-gnome python-ubuntuone-client libsyncdaemon-1.0-1 libsyncdaemon-1.0-dev gir1.2-syncdaemon-1.0 ubuntuone-client-dbg
Architecture: source
Version: 1.6.2-0ubuntu2.1
Distribution: natty-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
gir1.2-syncdaemon-1.0 - Ubuntu One synchronization daemon library
libsyncdaemon-1.0-1 - Ubuntu One synchronization daemon library
libsyncdaemon-1.0-dev - Ubuntu One synchronization daemon library
python-ubuntuone-client - Ubuntu One client Python libraries
ubuntuone-client - Ubuntu One client
ubuntuone-client-dbg - Debugging symbols for ubuntuone-client
ubuntuone-client-gnome - Ubuntu One client GNOME integration
Launchpad-Bugs-Fixed: 882062
Changes:
ubuntuone-client (1.6.2-0ubuntu2.1) natty-security; urgency=low
.
* SECURITY UPDATE: MITM via incorrect ssl cert validation (LP: #882062)
- debian/patches/CVE-2011-4409.patch: use pycurl instead of urllib2 and
send hostname for validation in ubuntuone/syncdaemon/action_queue.py,
use correct URL in data/syncdaemon.conf, use pycurl instead of
urllib2 in tests/syncdaemon/test_action_queue.py.
- debian/control: bump python-ubuntuone-storageprotocol and
ubuntu-sso-client dependencies to security updates.
- CVE-2011-4409
Checksums-Sha1:
cc0e9d7fefb95f8a441d2ede88ded3fbf15f27d2 2366 ubuntuone-client_1.6.2-0ubuntu2.1.dsc
65c834cd4be3593be30e8ca831b0cacb9fd99c4b 24941 ubuntuone-client_1.6.2-0ubuntu2.1.debian.tar.gz
Checksums-Sha256:
6fe99445457ba0684bb54def73ad1b4229c0deff896b3a1187adb936cf79e18b 2366 ubuntuone-client_1.6.2-0ubuntu2.1.dsc
6983c20ad2fe9e6578aad79b8c1b55b90230a008f14b0327ca22889bdb578722 24941 ubuntuone-client_1.6.2-0ubuntu2.1.debian.tar.gz
Files:
fad57cf0524cdd1f6d5c58a3ec6a93d3 2366 net optional ubuntuone-client_1.6.2-0ubuntu2.1.dsc
56913d463c0bbe00d5cca319613ccdd1 24941 net optional ubuntuone-client_1.6.2-0ubuntu2.1.debian.tar.gz
Original-Maintainer: Rick McBride <rick.mcbride at canonical.com>
More information about the Natty-changes
mailing list