-
Committer:
Package Import Robot
-
Author(s):
Marc Deslauriers
-
Date:
2012-05-29 15:23:53 UTC
-
mfrom:
(88.1.5 oneiric-proposed)
-
Revision ID:
package-import@ubuntu.com-20120529152353-4d2qebodis1vkuyl
Tags: 2.0.1-0ubuntu1.1
* SECURITY UPDATE: MITM via incorrect ssl cert validation (LP: #882062)
- debian/patches/CVE-2011-4409.patch: use pycurl instead of urllib2 and
send hostname for validation in ubuntuone/syncdaemon/action_queue.py,
use correct URL in data/syncdaemon.conf, use pycurl instead of
urllib2 in tests/syncdaemon/test_action_queue.py.
- debian/control: bump python-ubuntuone-storageprotocol and
ubuntu-sso-client dependencies to security updates.
- CVE-2011-4409