[ubuntu/trusty-updates] shellinabox 2.14-1ubuntu0.1 (Accepted)
Ubuntu Archive Robot
cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Wed Aug 24 23:28:07 UTC 2016
shellinabox (2.14-1ubuntu0.1) trusty-security; urgency=medium
* SECURITY UPDATE: Disable HTTP fallback using the URL /plain.
Consequently disables automatic upgrades from HTTP to HTTPS.
- Thanks to Stephen Roettger for finding the bug.
- Thanks to Luka Krajger for writing the fix.
- Fixes CVE-2015-8400
Date: 2016-08-24 21:56:17.310309+00:00
Changed-By: Emily Ratliff <emily.ratliff at canonical.com>
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
https://launchpad.net/ubuntu/+source/shellinabox/2.14-1ubuntu0.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Trusty-changes
mailing list