[Bug 1094440] CVE-2014-3230 perl-libwww-perl: incorrect handling of SSL certificate verification

https://bugzilla.redhat.com/show_bug.cgi?id=1094440 Ján Rusnačko changed: What|Removed |Added CC||jrusn...@redhat.com

[Bug 1094440] CVE-2014-3230 perl-libwww-perl: incorrect handling of SSL certificate verification

https://bugzilla.redhat.com/show_bug.cgi?id=1094440 Tomas Hoger changed: What|Removed |Added Status|NEW |CLOSED

[Bug 1094440] CVE-2014-3230 perl-libwww-perl: incorrect handling of SSL certificate verification

https://bugzilla.redhat.com/show_bug.cgi?id=1094440 Tomas Hoger tho...@redhat.com changed: What|Removed |Added Priority|high|medium

[Bug 1094440] CVE-2014-3230 perl-libwww-perl: incorrect handling of SSL certificate verification

https://bugzilla.redhat.com/show_bug.cgi?id=1094440 Bug 1094440 depends on bug 1094442, which changed state. Bug 1094442 Summary: perl-libwww-perl: incorrect handling of SSL certificate verification [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1094442 What|Removed

[Bug 1094440] CVE-2014-3230 perl-libwww-perl: incorrect handling of SSL certificate verification

https://bugzilla.redhat.com/show_bug.cgi?id=1094440 --- Comment #13 from Fedora Update System upda...@fedoraproject.org --- perl-LWP-Protocol-https-6.04-2.fc19 has been pushed to the Fedora 19 stable repository. If problems still persist, please make note of it in this bug report. -- You are

[Bug 1094440] CVE-2014-3230 perl-libwww-perl: incorrect handling of SSL certificate verification

https://bugzilla.redhat.com/show_bug.cgi?id=1094440 --- Comment #12 from Fedora Update System upda...@fedoraproject.org --- perl-LWP-Protocol-https-6.04-4.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report. -- You are

[Bug 1094440] CVE-2014-3230 perl-libwww-perl: incorrect handling of SSL certificate verification

https://bugzilla.redhat.com/show_bug.cgi?id=1094440 --- Comment #11 from Petr Pisar ppi...@redhat.com --- Created attachment 895124 -- https://bugzilla.redhat.com/attachment.cgi?id=895124action=edit Part3 for 6.04 to restore behavior in F19 This patch is needed for F19 only because there is

[Bug 1094440] CVE-2014-3230 perl-libwww-perl: incorrect handling of SSL certificate verification

https://bugzilla.redhat.com/show_bug.cgi?id=1094440 --- Comment #7 from Petr Pisar ppi...@redhat.com --- Created attachment 894671 -- https://bugzilla.redhat.com/attachment.cgi?id=894671action=edit Proposed fix (part 1) From https://github.com/noxxi/lwp-protocol-https.git. -- You are

[Bug 1094440] CVE-2014-3230 perl-libwww-perl: incorrect handling of SSL certificate verification

https://bugzilla.redhat.com/show_bug.cgi?id=1094440 --- Comment #8 from Petr Pisar ppi...@redhat.com --- Created attachment 894672 -- https://bugzilla.redhat.com/attachment.cgi?id=894672action=edit Proposed fix (part 2) From https://github.com/noxxi/lwp-protocol-https.git. -- You are

[Bug 1094440] CVE-2014-3230 perl-libwww-perl: incorrect handling of SSL certificate verification

https://bugzilla.redhat.com/show_bug.cgi?id=1094440 --- Comment #9 from Petr Pisar ppi...@redhat.com --- Created attachment 894747 -- https://bugzilla.redhat.com/attachment.cgi?id=894747action=edit Part 1 ported to 6.04 -- You are receiving this mail because: You are on the CC list for the

[Bug 1094440] CVE-2014-3230 perl-libwww-perl: incorrect handling of SSL certificate verification

https://bugzilla.redhat.com/show_bug.cgi?id=1094440 --- Comment #10 from Petr Pisar ppi...@redhat.com --- Created attachment 894748 -- https://bugzilla.redhat.com/attachment.cgi?id=894748action=edit Part 2 ported to 6.04 -- You are receiving this mail because: You are on the CC list for the

[Bug 1094440] CVE-2014-3230 perl-libwww-perl: incorrect handling of SSL certificate verification

https://bugzilla.redhat.com/show_bug.cgi?id=1094440 Petr Pisar ppi...@redhat.com changed: What|Removed |Added Attachment #893659|0 |1 is obsolete|

[Bug 1094440] CVE-2014-3230 perl-libwww-perl: incorrect handling of SSL certificate verification

https://bugzilla.redhat.com/show_bug.cgi?id=1094440 --- Comment #5 from Petr Pisar ppi...@redhat.com --- Created attachment 893659 -- https://bugzilla.redhat.com/attachment.cgi?id=893659action=edit Test case This is an automated test. It requires openssl(1) and some Perl modules. It checks

[Bug 1094440] CVE-2014-3230 perl-libwww-perl: incorrect handling of SSL certificate verification

https://bugzilla.redhat.com/show_bug.cgi?id=1094440 Martin Prpic mpr...@redhat.com changed: What|Removed |Added Summary|perl-libwww-perl: incorrect |CVE-2014-3230

[Bug 1094440] CVE-2014-3230 perl-libwww-perl: incorrect handling of SSL certificate verification

https://bugzilla.redhat.com/show_bug.cgi?id=1094440 --- Comment #3 from Martin Prpic mpr...@redhat.com --- MITRE assigned CVE-2014-3230 to this issue: http://seclists.org/oss-sec/2014/q2/256 ^ also states that additional CVEs may be assigned later. -- You are receiving this mail because: