Bug#758086: CVE-2012-6153: Apache HttpComponents client: Hostname verification susceptible to MITM attack

2015-03-23 Thread Moritz Muehlenhoff
On Mon, Dec 29, 2014 at 10:25:24PM +0100, Moritz Mühlenhoff wrote: On Mon, Sep 22, 2014 at 03:56:00PM +0200, Raphael Hertzog wrote: Hi, On Mon, 18 Aug 2014, Salvatore Bonaccorso wrote: On Thu, Aug 14, 2014 at 11:43:32PM +0200, Emmanuel Bourg wrote: Is there an example available

Bug#758086: CVE-2012-6153: Apache HttpComponents client: Hostname verification susceptible to MITM attack

2015-03-23 Thread Emmanuel Bourg
On 23/03/2015 16:43, Moritz Muehlenhoff wrote: *ping*, the release is getting closer. I'm still missing a test case to ensure the patch does indeed address the issue. Emmanuel Bourg

Bug#758086: CVE-2012-6153: Apache HttpComponents client: Hostname verification susceptible to MITM attack

2015-03-23 Thread Markus Koschany
On 23.03.2015 17:04, Emmanuel Bourg wrote: On 23/03/2015 16:43, Moritz Muehlenhoff wrote: *ping*, the release is getting closer. I'm still missing a test case to ensure the patch does indeed address the issue. Hi, a way to reproduce this issue was mentioned by upstream here:

Bug#758086: CVE-2012-6153: Apache HttpComponents client: Hostname verification susceptible to MITM attack

2015-03-23 Thread Markus Koschany
Control: severity -1 serious
Control: tags -1 patch

I am raising the severity to serious because I think we want to fix this for Jessie. I have created a debdiff which is attached to this e-mail. I haven't found a simple way yet to connect to an SSL protected web server and to test this library.

Bug#758086: CVE-2012-6153: Apache HttpComponents client: Hostname verification susceptible to MITM attack

2014-12-29 Thread Moritz Mühlenhoff
On Mon, Sep 22, 2014 at 03:56:00PM +0200, Raphael Hertzog wrote: Hi, On Mon, 18 Aug 2014, Salvatore Bonaccorso wrote: On Thu, Aug 14, 2014 at 11:43:32PM +0200, Emmanuel Bourg wrote: Is there an example available somewhere of a subject improperly parsed by commons-httpclient/3.1-10.2?

Bug#758086: CVE-2012-6153: Apache HttpComponents client: Hostname verification susceptible to MITM attack

2014-09-22 Thread Raphael Hertzog
Hi, On Mon, 18 Aug 2014, Salvatore Bonaccorso wrote: On Thu, Aug 14, 2014 at 11:43:32PM +0200, Emmanuel Bourg wrote: Is there an example available somewhere of a subject improperly parsed by commons-httpclient/3.1-10.2? This would help backporting the fix to this version. I think this

Bug#758086: CVE-2012-6153: Apache HttpComponents client: Hostname verification susceptible to MITM attack

2014-08-18 Thread Salvatore Bonaccorso
Hi Emmanuel, On Thu, Aug 14, 2014 at 11:43:32PM +0200, Emmanuel Bourg wrote: Hi Henri, Thank you for the report. Is there an example available somewhere of a subject improperly parsed by commons-httpclient/3.1-10.2? This would help backporting the fix to this version. I think this is

Bug#758086: CVE-2012-6153: Apache HttpComponents client: Hostname verification susceptible to MITM attack

2014-08-14 Thread Henri Salo
Package: commons-httpclient
Version: 3.1-10.2
Severity: important
Tags: security

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-6153

It was found that the fix for CVE-2012-5783 was incomplete. The code added to check that the server hostname matches the domain name in the subject's CN

Bug#758086: CVE-2012-6153: Apache HttpComponents client: Hostname verification susceptible to MITM attack

2014-08-14 Thread Emmanuel Bourg
Hi Henri, Thank you for the report. Is there an example available somewhere of a subject improperly parsed by commons-httpclient/3.1-10.2? This would help backporting the fix to this version. Emmanuel Bourg