[ubuntu/precise-security] telepathy-gabble 0.16.0-0ubuntu3.1 (Accepted)
Marc Deslauriers
marc.deslauriers at canonical.com
Wed Jun 12 13:44:20 UTC 2013
telepathy-gabble (0.16.0-0ubuntu3.1) precise-security; urgency=low
* SECURITY UPDATE: multiple denial of service issues
- debian/patches/CVE-2013-1769.patch: fix DoS issues in
lib/ext/wocky/wocky/wocky-caps-hash.c,
lib/ext/wocky/wocky/wocky-data-form.c,
src/conn-presence.c.
- CVE-2013-1769
* SECURITY UPDATE: information disclosure via legacy Jabber TLS bypass
- debian/patches/CVE-2013-1431.patch: validate TLS requests in
lib/ext/wocky/wocky/wocky-connector.c, added tests to
tests/twisted/Makefile.am, tests/twisted/gabbletest.py,
tests/twisted/tls/legacy-jabber.py.
- CVE-2013-1431
Date: 2013-06-07 13:45:14.002092+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/precise/+source/telepathy-gabble/0.16.0-0ubuntu3.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Precise-changes
mailing list