Bug#590873: openconnect < 2.25 does not verify SSL server certificates

2010-08-30 Thread Adam D. Barratt
On Mon, 2010-08-30 at 17:34 +0100, Dominic Hargreaves wrote:
> On Sun, Aug 29, 2010 at 10:42:28AM +0100, Adam D. Barratt wrote:
>
> > I have to admit I'm not hugely happy with the "CSD trojan" messages but,
> > at least in terms of the configuration file setup, I'm not sure it's worth
> > divergin

Bug#590873: openconnect < 2.25 does not verify SSL server certificates

2010-08-30 Thread Dominic Hargreaves
On Sun, Aug 29, 2010 at 10:42:28AM +0100, Adam D. Barratt wrote:
> I have to admit I'm not hugely happy with the "CSD trojan" messages but,
> at least in terms of the configuration file setup, I'm not sure it's worth
> diverging from upstream on.
>
> Please go ahead.

Uploaded, please unblock ope

Bug#590873: openconnect < 2.25 does not verify SSL server certificates

2010-08-29 Thread Adam D. Barratt
On Sat, August 28, 2010 12:59, Dominic Hargreaves wrote:
> On Sat, Aug 28, 2010 at 01:16:29PM +0200, Julien Cristau wrote:
>> On Sat, Aug 28, 2010 at 11:50:49 +0100, Dominic Hargreaves wrote:
>>
>> > On Sun, Aug 15, 2010 at 08:56:46PM +0100, Adam D. Barratt wrote:
>> > > On Sun, 2010-08-15 at 16:13

Bug#590873: openconnect < 2.25 does not verify SSL server certificates

2010-08-28 Thread Dominic Hargreaves
On Sat, Aug 28, 2010 at 01:16:29PM +0200, Julien Cristau wrote:
> On Sat, Aug 28, 2010 at 11:50:49 +0100, Dominic Hargreaves wrote:
>
> > On Sun, Aug 15, 2010 at 08:56:46PM +0100, Adam D. Barratt wrote:
> > > On Sun, 2010-08-15 at 16:13 +0100, Dominic Hargreaves wrote:
> > > > To the untrained eye

Bug#590873: openconnect < 2.25 does not verify SSL server certificates

2010-08-28 Thread Julien Cristau
On Sat, Aug 28, 2010 at 11:50:49 +0100, Dominic Hargreaves wrote:
> On Sun, Aug 15, 2010 at 08:56:46PM +0100, Adam D. Barratt wrote:
> > On Sun, 2010-08-15 at 16:13 +0100, Dominic Hargreaves wrote:
> > > To the untrained eye, the diff between
> > > 6732c0e8ccb4d57d6a970973f994a9d2d3509def
> > > an

Bug#590873: openconnect < 2.25 does not verify SSL server certificates

2010-08-28 Thread Dominic Hargreaves
On Sun, Aug 15, 2010 at 08:56:46PM +0100, Adam D. Barratt wrote:
> On Sun, 2010-08-15 at 16:13 +0100, Dominic Hargreaves wrote:
> > To the untrained eye, the diff between
> > 6732c0e8ccb4d57d6a970973f994a9d2d3509def
> > and
> > 3b2738befa7fe934d0d55b77fe1fcf28aafbe424
> >
> > in upstream git is wh

Bug#590873: openconnect < 2.25 does not verify SSL server certificates

2010-08-24 Thread Dominic Hargreaves
On Sun, Aug 15, 2010 at 08:56:46PM +0100, Adam D. Barratt wrote:
> On Sun, 2010-08-15 at 16:13 +0100, Dominic Hargreaves wrote:
> > To the untrained eye, the diff between
> > 6732c0e8ccb4d57d6a970973f994a9d2d3509def
> > and
> > 3b2738befa7fe934d0d55b77fe1fcf28aafbe424
> >
> > in upstream git is wh

Bug#590873: openconnect < 2.25 does not verify SSL server certificates

2010-08-15 Thread Adam D. Barratt
On Sun, 2010-08-15 at 16:13 +0100, Dominic Hargreaves wrote:
> To the untrained eye, the diff between
> 6732c0e8ccb4d57d6a970973f994a9d2d3509def
> and
> 3b2738befa7fe934d0d55b77fe1fcf28aafbe424
>
> in upstream git is what's required for this, but the patch would need
> a bit of work to apply clean

Bug#590873: openconnect < 2.25 does not verify SSL server certificates

2010-08-15 Thread Dominic Hargreaves
On Thu, Jul 29, 2010 at 03:45:55PM -0400, Anders Kaseorg wrote:
> Versions of OpenConnect before 2.25 do not verify that the server SSL
> certificate matches the server hostname, which enables an attacker to
> perform an MITM attack on the connection. This can be fixed by upgrading
> to OpenCo

Bug#590873: openconnect < 2.25 does not verify SSL server certificates

2010-07-29 Thread Anders Kaseorg
Package: openconnect
Version: 2.22-1.1
Severity: grave
Tags: security fixed-upstream

Versions of OpenConnect before 2.25 do not verify that the server SSL certificate matches the server hostname, which enables an attacker to perform an MITM attack on the connection. This can be fixed by upgradi