Ubuntu
ubuntuone-client package

Overview
Code
Bugs
Blueprints
Translations
Answers

Bug #882062
Comment #30

Comment 30 for bug 882062

Revision history for this message

Launchpad Janitor (janitor) wrote on 2012-06-06:

#30

This bug was fixed in the package ubuntuone-client - 2.0.1-0ubuntu1.1

---------------
ubuntuone-client (2.0.1-0ubuntu1.1) oneiric-security; urgency=low

  * SECURITY UPDATE: MITM via incorrect ssl cert validation (LP: #882062)
    - debian/patches/CVE-2011-4409.patch: use pycurl instead of urllib2 and
      send hostname for validation in ubuntuone/syncdaemon/action_queue.py,
      use correct URL in data/syncdaemon.conf, use pycurl instead of
      urllib2 in tests/syncdaemon/test_action_queue.py.
    - debian/control: bump python-ubuntuone-storageprotocol and
      ubuntu-sso-client dependencies to security updates.
    - CVE-2011-4409
-- Marc Deslauriers <email address hidden> Tue, 29 May 2012 15:23:53 -0400

Ubuntuubuntuone-client package

Comment 30 for bug 882062

Ubuntu
ubuntuone-client package