~ubuntu-branches/ubuntu/oneiric/ubuntuone-client/oneiric-security

Viewing all changes in revision 89.

  • Committer: Package Import Robot
  • Author(s): Marc Deslauriers
  • Date: 2012-05-29 15:23:53 UTC
  • mfrom: (88.1.5 oneiric-proposed)
  • Revision ID: package-import@ubuntu.com-20120529152353-4d2qebodis1vkuyl
Tags: 2.0.1-0ubuntu1.1
* SECURITY UPDATE: MITM via incorrect ssl cert validation (LP: #882062)
  - debian/patches/CVE-2011-4409.patch: use pycurl instead of urllib2 and
    send hostname for validation in ubuntuone/syncdaemon/action_queue.py,
    use correct URL in data/syncdaemon.conf, use pycurl instead of
    urllib2 in tests/syncdaemon/test_action_queue.py.
  - debian/control: bump python-ubuntuone-storageprotocol and
    ubuntu-sso-client dependencies to security updates.
  - CVE-2011-4409

expand all expand all

Show diffs side-by-side

added added

removed removed

Lines of Context: