Hi,
please push new gnome-online-accounts.
CVE-2013-0240 was already fixed with a patch, but it's now applied by
upstream. Another CVE is also fixed.
Begin forwarded message:
Date: Mon, 4 Mar 2013 14:33:39 +0000
From: Debarshi Ray <[email protected]>
To: GNOME Distributors List <[email protected]>
Subject: GNOME Online Accounts 3.6.3 fixes 2 CVEs
Hello distributors and packagers!
If you are shipping GNOME 3.6.x, you should update
gnome-online-accounts to 3.6.3 because it fixes the following 2 CVEs:
- 693214 Guard against invalid SSL certificates (CVE-2013-0240)
- 695106 Do not send the credentials before notifying the user of an
invalid SSL certificate (CVE-2013-1799)
_______________________________________________
distributor-list mailing list
[email protected]
https://mail.gnome.org/mailman/listinfo/distributor-list
