[ubuntu/trusty-updates] hexchat 2.9.6.1-2ubuntu0.1 (Accepted)
Ubuntu Archive Robot
cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Mon Apr 4 15:28:05 UTC 2016
hexchat (2.9.6.1-2ubuntu0.1) trusty-security; urgency=medium
* SECURITY UPDATE: no ssl hostname verification (LP: #1565000)
- debian/patches/validate_ssl_hostnames.patch: properly validate
hostnames in src/common/server.c, src/common/ssl.c, src/common/ssl.h.
- CVE number pending
* SECURITY UPDATE: missing ssl certificate handled incorrectly
- debian/patches/handle_missing_ssl_cert.patch: fail connection if
certificate isn't found in src/common/server.c.
- No CVE number
Date: 2016-04-02 00:10:12.609765+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
https://launchpad.net/ubuntu/+source/hexchat/2.9.6.1-2ubuntu0.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Trusty-changes
mailing list