[Expired for crtmpserver (Ubuntu) because there has been no activity for
60 days.]
** Changed in: crtmpserver (Ubuntu)
Status: Incomplete = Expired
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
** Description changed:
- Recently, we are trying to find SSL security problems by static
- analysis. For example, as we all know, Hostname verification is an
- important step when verifying X509 certificates, however, people tend to
- miss the step or to misunderstand the APIs when using
** Description changed:
Recently, our group is trying to find SSL security problems by static
analysis. When using Openssl, people tend to miss the step or to
misunderstand the APIs when using SSL/TLS, which might cause severe man
in the middle attack and break the entire TLS mechanism.
Thanks for taking the time to report this bug and helping to make Ubuntu
better. Since the package referred to in this bug is in universe or
multiverse, it is community maintained. If you are able, I suggest
coordinating with upstream and posting a debdiff for this issue. When a
debdiff is
