[Bug 868353] Re: in apt-https Verify-Peer does not fail a connection on error

Launchpad Bug Tracker Mon, 28 Nov 2011 07:22:54 -0800

This bug was fixed in the package apt - 0.7.25.3ubuntu9.9

---------------
apt (0.7.25.3ubuntu9.9) lucid-security; urgency=low


  * SECURITY UPDATE: sensitive information disclosure via incorrect
    hostname validation (LP: #868353)
    - methods/https.cc: properly set CURLOPT_SSL_VERIFYHOST.
    - CVE-2011-3634
  * SECURITY UPDATE: Restore apt-ket net-update functionality (LP: #857472)
    - cmdline/apt-key: improve key validation.
 -- Marc Deslauriers <[email protected]>   Tue, 22 Nov 2011 13:56:02 
-0500

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/868353

Title:
  in apt-https Verify-Peer does not fail a connection on error

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/868353/+subscriptions

-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 868353] Re: in apt-https Verify-Peer does not fail a connection on error

Reply via email to