[ubuntu/lucid-security] ubuntuone-client_1.2.2-0ubuntu2.2_ia64_translations.tar.gz, ubuntuone-client_1.2.2-0ubuntu2.2_armel_translations.tar.gz, ubuntuone-client_1.2.2-0ubuntu2.2_powerpc_translations.tar.gz, ubuntuone-client, ubuntuone-client_1.2.2-0ubuntu2.2_sparc_translations.tar.gz, ubuntuone-client_1.2.2-0ubuntu2.2_amd64_translations.tar.gz, ubuntuone-client_1.2.2-0ubuntu2.2_i386_translations.tar.gz 1.2.2-0ubuntu2.2 (Accepted)

Marc Deslauriers Wed, 06 Jun 2012 06:35:12 -0700

ubuntuone-client (1.2.2-0ubuntu2.2) lucid-security; urgency=low

  * SECURITY UPDATE: MITM via incorrect ssl cert validation (LP: #882062)
    - debian/patches/CVE-2011-4409.patch: use pycurl instead of urllib2 in
      bin/ubuntuone-preferences, tests/syncdaemon/test_action_queue.py,
      use pycurl instead of urllib2 and send hostname for validation in
      ubuntuone/syncdaemon/action_queue.py, use correct URL in
      data/syncdaemon.conf, correctly verify hostname in
      ubuntuone/oauthdesktop/auth.py, send hostname for validation in
      ubuntuone/u1sync/client.py, use pycurl instead of urllib2 in
      ubuntuone/utils/*, ship utils directory in Makefile.*.
    - debian/python-ubuntuone-client.install: also ship new utils
      directory.
    - debian/control: bump python-ubuntuone-storageprotocol dependency to
      security update.
    - debian/control: add python-pycurl dependency.
    - debian/rules: remove simple-patchsys.mk as this is a quilt package.
    - CVE-2011-4409


Date: Thu, 31 May 2012 10:47:06 -0400
Changed-By: Marc Deslauriers <marc.deslauri...@ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-disc...@lists.ubuntu.com>
https://launchpad.net/ubuntu/lucid/+source/ubuntuone-client/1.2.2-0ubuntu2.2

Format: 1.8
Date: Thu, 31 May 2012 10:47:06 -0400
Source: ubuntuone-client
Binary: ubuntuone-client ubuntuone-client-gnome ubuntuone-client-tools 
python-ubuntuone-client
Architecture: source
Version: 1.2.2-0ubuntu2.2
Distribution: lucid-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-disc...@lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauri...@ubuntu.com>
Description: 
 python-ubuntuone-client - Ubuntu One client Python libraries
 ubuntuone-client - Ubuntu One client
 ubuntuone-client-gnome - Ubuntu One client GNOME integration
 ubuntuone-client-tools - Ubuntu One client tools
Launchpad-Bugs-Fixed: 882062
Changes: 
 ubuntuone-client (1.2.2-0ubuntu2.2) lucid-security; urgency=low
 .
   * SECURITY UPDATE: MITM via incorrect ssl cert validation (LP: #882062)
     - debian/patches/CVE-2011-4409.patch: use pycurl instead of urllib2 in
       bin/ubuntuone-preferences, tests/syncdaemon/test_action_queue.py,
       use pycurl instead of urllib2 and send hostname for validation in
       ubuntuone/syncdaemon/action_queue.py, use correct URL in
       data/syncdaemon.conf, correctly verify hostname in
       ubuntuone/oauthdesktop/auth.py, send hostname for validation in
       ubuntuone/u1sync/client.py, use pycurl instead of urllib2 in
       ubuntuone/utils/*, ship utils directory in Makefile.*.
     - debian/python-ubuntuone-client.install: also ship new utils
       directory.
     - debian/control: bump python-ubuntuone-storageprotocol dependency to
       security update.
     - debian/control: add python-pycurl dependency.
     - debian/rules: remove simple-patchsys.mk as this is a quilt package.
     - CVE-2011-4409
Checksums-Sha1: 
 99b0c001ee396c439167cdb64a528ab40e15cbaf 2174 
ubuntuone-client_1.2.2-0ubuntu2.2.dsc
 ea4cd51d405c2ebabf6fa15ec9fef031eadbee6c 19383 
ubuntuone-client_1.2.2-0ubuntu2.2.debian.tar.gz
Checksums-Sha256: 
 7b365637a6c70aeabadaa3a58b363801bf7a8f81232fa6ea4df9448402981cc4 2174 
ubuntuone-client_1.2.2-0ubuntu2.2.dsc
 ed97074dadffc7b82d6c5922a3f9565011368a7b5e35002c4d0d139eafc79bc5 19383 
ubuntuone-client_1.2.2-0ubuntu2.2.debian.tar.gz
Files: 
 48a1e8c231688b658624ba844a410979 2174 net optional 
ubuntuone-client_1.2.2-0ubuntu2.2.dsc
 17f005993669dcdf4ac22b8e8bc1f381 19383 net optional 
ubuntuone-client_1.2.2-0ubuntu2.2.debian.tar.gz
Original-Maintainer: Rick McBride <rick.mcbr...@canonical.com>

-- 
Lucid-changes mailing list
Lucid-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/lucid-changes

Reply via email to