Viewing all changes in revision 69.
- Committer: Package Import Robot
- Date: 2015-04-29 14:03:35 UTC
- Revision ID: package-import@ubuntu.com-20150429140335-3ug9t4k13gmr5a5y
* SECURITY UPDATE: NTLM connection reuse when unauthenticated
- debian/patches/CVE-2015-3143.patch: require credentials to match in
lib/url.c.
- CVE-2015-3143
* SECURITY UPDATE: negotiate not treated as connection-oriented
- debian/patches/CVE-2015-3148.patch: don't clear GSSAPI state between
each exchange and close Negotiate connections when done in
lib/http.c, lib/http_negotiate.c, lib/http_negotiate_sspi.c.
- CVE-2015-3148
- debian/patches/CVE-2015-3143.patch: require credentials to match in
lib/url.c.
- CVE-2015-3143
* SECURITY UPDATE: negotiate not treated as connection-oriented
- debian/patches/CVE-2015-3148.patch: don't clear GSSAPI state between
each exchange and close Negotiate connections when done in
lib/http.c, lib/http_negotiate.c, lib/http_negotiate_sspi.c.
- CVE-2015-3148
- files added:
- .pc/CVE-2015-3143.patch
- .pc/CVE-2015-3143.patch/lib
- .pc/CVE-2015-3148.patch
- .pc/CVE-2015-3148.patch/lib
- files modified:
- .pc/applied-patches
expand all
collapse all
added
removed
