Public bug reported: Binary package hint: libio-socket-ssl-perl
A security problem was fixed upstream in 1.26, so please sync the latest version from Debian. At least version 1.16 and later seem affected (see Debian #535946). Upstream changes for 1.26: v1.26 2009.07.03 - SECURITY BUGFIX! fix Bug in verify_hostname_of_cert where it matched only the prefix for the hostname when no wildcard was given, e.g. www.example.org matched against a certificate with name www.exam in it Thanks to MLEHMANN for reporting Debian changes since 1.24-1 (from karmic): libio-socket-ssl-perl (1.27-1) unstable; urgency=low * New upstream release -- Ansgar Burchardt <ans...@43-1.org> Fri, 24 Jul 2009 23:09:40 +0200 libio-socket-ssl-perl (1.26-1) unstable; urgency=low [ Ryan Niebur ] * Remove Florian Ragwitz from Uploaders (Closes: #523230) [ Nathan Handler ] * debian/watch: Update to ignore development releases. [ Salvatore Bonaccorso ] * New upstream release * Bump Standards-Version to 3.8.2 (no changes) * Simplify debian/rules by using a tiny rules file. * Update Copyright information for debian/* packaging. -- Salvatore Bonaccorso <salvatore.bonacco...@gmail.com> Fri, 03 Jul 2009 11:03:17 +0200 ** Affects: libio-socket-ssl-perl (Ubuntu) Importance: Undecided Status: New ** Tags: sync -- Please sync libemail-send-perl 1.27-1 (universe) from Debian unstable (main) https://bugs.launchpad.net/bugs/405780 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs