Viewing all changes in revision 76.
- Committer: Package Import Robot
- Date: 2014-04-01 10:16:55 UTC
- Revision ID: package-import@ubuntu.com-20140401101655-5p5q86tx2u512owg
* SECURITY UPDATE: wrong re-use of connections
- debian/patches/CVE-2014-0138.patch: fix possible issues with NTLM
HTTP logic, and extend new connection logic to other protocols in
lib/http.c, lib/url.c, lib/urldata.h, add new tests to
tests/data/Makefile.am, tests/data/test1418, tests/data/test1419.
- CVE-2014-0138
* SECURITY UPDATE: incorrect wildcard SSL certificate validation with
literal IP addresses
- debian/patches/CVE-2014-0139.patch: fix wildcard logic in
lib/hostcheck.c, added tests to tests/data/Makefile.am,
tests/data/test1397, tests/unit/Makefile.inc, tests/unit/unit1397.c.
- CVE-2014-0139
* debian/patches/fix_test172.path: fix expired cookie causing test to
fail.
- debian/patches/CVE-2014-0138.patch: fix possible issues with NTLM
HTTP logic, and extend new connection logic to other protocols in
lib/http.c, lib/url.c, lib/urldata.h, add new tests to
tests/data/Makefile.am, tests/data/test1418, tests/data/test1419.
- CVE-2014-0138
* SECURITY UPDATE: incorrect wildcard SSL certificate validation with
literal IP addresses
- debian/patches/CVE-2014-0139.patch: fix wildcard logic in
lib/hostcheck.c, added tests to tests/data/Makefile.am,
tests/data/test1397, tests/unit/Makefile.inc, tests/unit/unit1397.c.
- CVE-2014-0139
* debian/patches/fix_test172.path: fix expired cookie causing test to
fail.
- files added:
- .pc/CVE-2014-0138.patch
- .pc/CVE-2014-0138.patch/lib
- .pc/CVE-2014-0138.patch/tests
- .pc/CVE-2014-0138.patch/tests/data
- .pc/CVE-2014-0139.patch
- .pc/CVE-2014-0139.patch/lib
- .pc/CVE-2014-0139.patch/tests
- .pc/CVE-2014-0139.patch/tests/data
- .pc/CVE-2014-0139.patch/tests/unit
- .pc/fix_test172.patch
- .pc/fix_test172.patch/tests
- .pc/fix_test172.patch/tests/data
- files modified:
- .pc/applied-patches
expand all
collapse all
added
removed
