[ubuntu/natty-security] ubuntuone-client, ubuntuone-client_1.6.2-0ubuntu2.1_amd64_translations.tar.gz, ubuntuone-client_1.6.2-0ubuntu2.1_i386_translations.tar.gz, ubuntuone-client_1.6.2-0ubuntu2.1_armel_translations.tar.gz, ubuntuone-client_1.6.2-0ubuntu2.1_powerpc_translations.tar.gz 1.6.2-0ubuntu2.1 (Accepted)

[Marc Deslauriers]

ubuntuone-client (1.6.2-0ubuntu2.1) natty-security; urgency=low

  * SECURITY UPDATE: MITM via incorrect ssl cert validation (LP: #882062)
    - debian/patches/CVE-2011-4409.patch: use pycurl instead of urllib2 and
      send hostname for validation in ubuntuone/syncdaemon/action_queue.py,
      use correct URL in data/syncdaemon.conf, use pycurl instead of
      urllib2 in tests/syncdaemon/test_action_queue.py.
    - debian/control: bump python-ubuntuone-storageprotocol and
      ubuntu-sso-client dependencies to security updates.
    - CVE-2011-4409

Date: Tue, 29 May 2012 15:39:24 -0400
Changed-By: Marc Deslauriers <marc.deslauri...@ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-disc...@lists.ubuntu.com>
https://launchpad.net/ubuntu/natty/+source/ubuntuone-client/1.6.2-0ubuntu2.1

Format: 1.8
Date: Tue, 29 May 2012 15:39:24 -0400
Source: ubuntuone-client
Binary: ubuntuone-client ubuntuone-client-gnome python-ubuntuone-client 
libsyncdaemon-1.0-1 libsyncdaemon-1.0-dev gir1.2-syncdaemon-1.0 
ubuntuone-client-dbg
Architecture: source
Version: 1.6.2-0ubuntu2.1
Distribution: natty-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-disc...@lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauri...@ubuntu.com>
Description: 
 gir1.2-syncdaemon-1.0 - Ubuntu One synchronization daemon library
 libsyncdaemon-1.0-1 - Ubuntu One synchronization daemon library
 libsyncdaemon-1.0-dev - Ubuntu One synchronization daemon library
 python-ubuntuone-client - Ubuntu One client Python libraries
 ubuntuone-client - Ubuntu One client
 ubuntuone-client-dbg - Debugging symbols for ubuntuone-client
 ubuntuone-client-gnome - Ubuntu One client GNOME integration
Launchpad-Bugs-Fixed: 882062
Changes: 
 ubuntuone-client (1.6.2-0ubuntu2.1) natty-security; urgency=low
 .
   * SECURITY UPDATE: MITM via incorrect ssl cert validation (LP: #882062)
     - debian/patches/CVE-2011-4409.patch: use pycurl instead of urllib2 and
       send hostname for validation in ubuntuone/syncdaemon/action_queue.py,
       use correct URL in data/syncdaemon.conf, use pycurl instead of
       urllib2 in tests/syncdaemon/test_action_queue.py.
     - debian/control: bump python-ubuntuone-storageprotocol and
       ubuntu-sso-client dependencies to security updates.
     - CVE-2011-4409
Checksums-Sha1: 
 cc0e9d7fefb95f8a441d2ede88ded3fbf15f27d2 2366 
ubuntuone-client_1.6.2-0ubuntu2.1.dsc
 65c834cd4be3593be30e8ca831b0cacb9fd99c4b 24941 
ubuntuone-client_1.6.2-0ubuntu2.1.debian.tar.gz
Checksums-Sha256: 
 6fe99445457ba0684bb54def73ad1b4229c0deff896b3a1187adb936cf79e18b 2366 
ubuntuone-client_1.6.2-0ubuntu2.1.dsc
 6983c20ad2fe9e6578aad79b8c1b55b90230a008f14b0327ca22889bdb578722 24941 
ubuntuone-client_1.6.2-0ubuntu2.1.debian.tar.gz
Files: 
 fad57cf0524cdd1f6d5c58a3ec6a93d3 2366 net optional 
ubuntuone-client_1.6.2-0ubuntu2.1.dsc
 56913d463c0bbe00d5cca319613ccdd1 24941 net optional 
ubuntuone-client_1.6.2-0ubuntu2.1.debian.tar.gz
Original-Maintainer: Rick McBride <rick.mcbr...@canonical.com>

-- 
Natty-changes mailing list
Natty-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/natty-changes