** Changed in: ubuntu-website
Status: New => Won't Fix
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/566467
Title:
potentially vulnerable to cve-2009-3555
--
ubuntu-bugs mailing list
ubuntu
Updated packages have been released for stable releases
http://www.ubuntu.com/usn/usn-990-1
http://www.ubuntu.com/usn/usn-990-2
--
potentially vulnerable to cve-2009-3555
https://bugs.launchpad.net/bugs/566467
You received this bug notification because you are a member of Ubuntu
Bugs, which is s
@Amahdy:
It is currently fixed in Maverick.
Updated openssl and apache2 packages will appear in -proposed for
earlier releases probably next week.
See bug #616759 for tracking.
--
potentially vulnerable to cve-2009-3555
https://bugs.launchpad.net/bugs/566467
You received this bug notification
Any progress for this?
I heard that this bug resolution needs couple of upgrades for:
Apache, mod_ssl, and openssl
All the latest available versions on Ubuntu repository does not contain the
resolution, this bug affects launchpad as well as everybody who uses an Ubuntu
server like me...
I know t
** Changed in: launchpad-foundations
Status: Triaged => Won't Fix
** Description changed:
+ Symptoms
+
+
Using firefox open http://wiki.ubuntu.com or https://launchpad.net and look
in the error console.
You will see this message:
site : potentially vulnerable to cve-200
$ LANGUAGE=C apt-cache policy firefox
firefox:
Installed: 3.6.8+build1+nobinonly-0ubuntu0.10.04.1
Candidate: 3.6.8+build1+nobinonly-0ubuntu0.10.04.1
Version table:
*** 3.6.8+build1+nobinonly-0ubuntu0.10.04.1 0
500 http://archive.ubuntu.com/ubuntu/ lucid-updates/main Packages
On Mon, Jul 19, 2010 at 10:33 PM, Robert Collins
<566...@bugs.launchpad.net> wrote:
> In what way is it flagged? In the error log? In the main UI? Somewhere
> else?
The Firefox error console (Tools -> Error Console)
--
Stuart Bishop
http://www.stuartbishop.net/
--
potentially vulnerable to
In what way is it flagged? In the error log? In the main UI? Somewhere
else?
--
potentially vulnerable to cve-2009-3555
https://bugs.launchpad.net/bugs/566467
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
u
I'm here from the duplicate.
FWIW these are also flagged by Firefox trunk as of today:
launchpad.net : server does not support RFC 5746, see CVE-2009-3555
edge.launchpad.net : server does not support RFC 5746, see CVE-2009-3555
launchpadlibrarian.net : server does not support RFC 5746, see CVE-2009
** Changed in: launchpad-foundations
Assignee: (unassigned) => Robert Collins (lifeless)
--
potentially vulnerable to cve-2009-3555
https://bugs.launchpad.net/bugs/566467
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bu
RT #40432
--
potentially vulnerable to cve-2009-3555
https://bugs.launchpad.net/bugs/566467
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listin
To be clear, the problem is not the potential vulnerability--IS has
assured that we are not vulnerable. The concern is that more than half
of Launchpad's users are Firefox users, and we want to keep them from
being concerned about Launchpad, and keep us from having to reply to
security questions a
I didn't think there was a way around this yet, but
https://bugzilla.mozilla.org/show_bug.cgi?id=554594#c8 seems to suggest
that an update to a newer openssl will make our users no longer worried
about the problem.
I'm reopening the bug for Foundations and will make an RT.
** Bug watch added: Moz
LOSAs verify that LP has the patch installed.
They will track further Apache updates, once the protocol change has
been agreed upon and implemented.
** Changed in: launchpad-foundations
Status: New => Fix Released
--
potentially vulnerable to cve-2009-3555
https://bugs.launchpad.net/bugs
Hi, pasting from IRC:
(11:52:57 AM) jdstrand: herb, newz2000: I did that apache update, and it is not
vulnerable to client initiated TLS renegotiation
(11:53:18 AM) jdstrand: herb, newz2000: however, it is still vulnerable to
server initiated renegotiation
(11:53:40 AM) jdstrand: herb, newz2000:
Hi, I can confirm that the error console does indeed say this, however
it's not clear to me what the impact of this is on our systems. This
issue was addressed in USN 860-1 http://www.ubuntu.com/usn/USN-860-1.
Herb has stated that our systems are up to date but if the sysadmins can
confirm this and
** Project changed: launchpad => launchpad-foundations
--
potentially vulnerable to cve-2009-3555
https://bugs.launchpad.net/bugs/566467
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubunt
** Also affects: ubuntu-website
Importance: Undecided
Status: New
--
potentially vulnerable to cve-2009-3555
https://bugs.launchpad.net/bugs/566467
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ub
This is if I understand it correctly problem at those sites and not
Ubuntu itself. I have assigned launchpad to this how to deal with
wiki.ubuntu.com?
** Also affects: launchpad
Importance: Undecided
Status: New
** Changed in: ubuntu
Status: New => Invalid
** This bug has been f
19 matches
Mail list logo
