Viewing all changes in revision 13.
- Committer: Bazaar Package Importer
- Date: 2010-04-14 15:18:17 UTC
- Revision ID: james.westby@ubuntu.com-20100414151817-571tinu91e0jvcv8
* SECURITY UPDATE: perform certificate host validation
- debian/patches/92_CVE-2010-1155.patch: adjust to verify hostname against
CN. Also use one SSL_CTX per connection and use default trusted CAs if
nothing specified.
- CVE-2010-1155
* SECURITY UPDATE: fix crash when checking for fuzzy nick match when not on
the channel
- debian/patches/92_CVE-2010-1156.patch: verify channel is non-NULL in
src/core/nicklist.c
- CVE-2010-1156
* debian/patches/92_disable_sslv2.patch: do not use SSLv2 protocol
- debian/patches/92_CVE-2010-1155.patch: adjust to verify hostname against
CN. Also use one SSL_CTX per connection and use default trusted CAs if
nothing specified.
- CVE-2010-1155
* SECURITY UPDATE: fix crash when checking for fuzzy nick match when not on
the channel
- debian/patches/92_CVE-2010-1156.patch: verify channel is non-NULL in
src/core/nicklist.c
- CVE-2010-1156
* debian/patches/92_disable_sslv2.patch: do not use SSLv2 protocol
expand all
collapse all
added
removed
