Public bug reported:
Binary package hint: libio-socket-ssl-perl
A security problem was fixed upstream in 1.26, so please sync the latest
version from Debian. At least version 1.16 and later seem affected (see
Debian #535946).
Upstream changes for 1.26:
v1.26 2009.07.03
- SECURITY BUGFIX!
fix Bug in verify_hostname_of_cert where it matched only the prefix for
the hostname when no wildcard was given, e.g. www.example.org matched
against a certificate with name www.exam in it
Thanks to MLEHMANN for reporting
Debian changes since 1.24-1 (from karmic):
libio-socket-ssl-perl (1.27-1) unstable; urgency=low
* New upstream release
-- Ansgar Burchardt <ans...@43-1.org> Fri, 24 Jul 2009 23:09:40 +0200
libio-socket-ssl-perl (1.26-1) unstable; urgency=low
[ Ryan Niebur ]
* Remove Florian Ragwitz from Uploaders (Closes: #523230)
[ Nathan Handler ]
* debian/watch: Update to ignore development releases.
[ Salvatore Bonaccorso ]
* New upstream release
* Bump Standards-Version to 3.8.2 (no changes)
* Simplify debian/rules by using a tiny rules file.
* Update Copyright information for debian/* packaging.
-- Salvatore Bonaccorso <salvatore.bonacco...@gmail.com> Fri, 03 Jul
2009 11:03:17 +0200
** Affects: libio-socket-ssl-perl (Ubuntu)
Importance: Undecided
Status: New
** Tags: sync
--
Please sync libemail-send-perl 1.27-1 (universe) from Debian unstable (main)
https://bugs.launchpad.net/bugs/405780
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
