ubuntuone-client (1.2.2-0ubuntu2.2) lucid-security; urgency=low * SECURITY UPDATE: MITM via incorrect ssl cert validation (LP: #882062) - debian/patches/CVE-2011-4409.patch: use pycurl instead of urllib2 in bin/ubuntuone-preferences, tests/syncdaemon/test_action_queue.py, use pycurl instead of urllib2 and send hostname for validation in ubuntuone/syncdaemon/action_queue.py, use correct URL in data/syncdaemon.conf, correctly verify hostname in ubuntuone/oauthdesktop/auth.py, send hostname for validation in ubuntuone/u1sync/client.py, use pycurl instead of urllib2 in ubuntuone/utils/*, ship utils directory in Makefile.*. - debian/python-ubuntuone-client.install: also ship new utils directory. - debian/control: bump python-ubuntuone-storageprotocol dependency to security update. - debian/control: add python-pycurl dependency. - debian/rules: remove simple-patchsys.mk as this is a quilt package. - CVE-2011-4409
Date: Thu, 31 May 2012 10:47:06 -0400 Changed-By: Marc Deslauriers <marc.deslauri...@ubuntu.com> Maintainer: Ubuntu Developers <ubuntu-devel-disc...@lists.ubuntu.com> https://launchpad.net/ubuntu/lucid/+source/ubuntuone-client/1.2.2-0ubuntu2.2
Format: 1.8 Date: Thu, 31 May 2012 10:47:06 -0400 Source: ubuntuone-client Binary: ubuntuone-client ubuntuone-client-gnome ubuntuone-client-tools python-ubuntuone-client Architecture: source Version: 1.2.2-0ubuntu2.2 Distribution: lucid-security Urgency: low Maintainer: Ubuntu Developers <ubuntu-devel-disc...@lists.ubuntu.com> Changed-By: Marc Deslauriers <marc.deslauri...@ubuntu.com> Description: python-ubuntuone-client - Ubuntu One client Python libraries ubuntuone-client - Ubuntu One client ubuntuone-client-gnome - Ubuntu One client GNOME integration ubuntuone-client-tools - Ubuntu One client tools Launchpad-Bugs-Fixed: 882062 Changes: ubuntuone-client (1.2.2-0ubuntu2.2) lucid-security; urgency=low . * SECURITY UPDATE: MITM via incorrect ssl cert validation (LP: #882062) - debian/patches/CVE-2011-4409.patch: use pycurl instead of urllib2 in bin/ubuntuone-preferences, tests/syncdaemon/test_action_queue.py, use pycurl instead of urllib2 and send hostname for validation in ubuntuone/syncdaemon/action_queue.py, use correct URL in data/syncdaemon.conf, correctly verify hostname in ubuntuone/oauthdesktop/auth.py, send hostname for validation in ubuntuone/u1sync/client.py, use pycurl instead of urllib2 in ubuntuone/utils/*, ship utils directory in Makefile.*. - debian/python-ubuntuone-client.install: also ship new utils directory. - debian/control: bump python-ubuntuone-storageprotocol dependency to security update. - debian/control: add python-pycurl dependency. - debian/rules: remove simple-patchsys.mk as this is a quilt package. - CVE-2011-4409 Checksums-Sha1: 99b0c001ee396c439167cdb64a528ab40e15cbaf 2174 ubuntuone-client_1.2.2-0ubuntu2.2.dsc ea4cd51d405c2ebabf6fa15ec9fef031eadbee6c 19383 ubuntuone-client_1.2.2-0ubuntu2.2.debian.tar.gz Checksums-Sha256: 7b365637a6c70aeabadaa3a58b363801bf7a8f81232fa6ea4df9448402981cc4 2174 ubuntuone-client_1.2.2-0ubuntu2.2.dsc ed97074dadffc7b82d6c5922a3f9565011368a7b5e35002c4d0d139eafc79bc5 19383 ubuntuone-client_1.2.2-0ubuntu2.2.debian.tar.gz Files: 48a1e8c231688b658624ba844a410979 2174 net optional ubuntuone-client_1.2.2-0ubuntu2.2.dsc 17f005993669dcdf4ac22b8e8bc1f381 19383 net optional ubuntuone-client_1.2.2-0ubuntu2.2.debian.tar.gz Original-Maintainer: Rick McBride <rick.mcbr...@canonical.com>
-- Lucid-changes mailing list Lucid-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/lucid-changes