Le 02/06/2012 14:52, Yves-Alexis Perez a écrit : > ------------------------------------------------------------------------- > Debian Security Advisory DSA-2482-1 secur...@debian.org > http://www.debian.org/security/ Yves-Alexis Perez > June 2, 2012 http://www.debian.org/security/faq > ------------------------------------------------------------------------- > > Package : libgdata > Vulnerability : insufficient certificate validation > Problem type : remote > Debian-specific: no > CVE ID : CVE-2012-2653 > Debian Bug : 664032 > > Vreixo Formoso discovered that libgdata, a library used to access various > Google services, wasn't validating certificates against trusted system > root CAs when using an https connection. > > For the stable distribution (squeeze), this problem has been fixed in > version 0.6.4-2+squeeze1. > > For the testing distribution (wheezy), this problem has been fixed in > version 0.10.2-1. > > For the unstable distribution (sid), this problem has been fixed in > version 0.10.2-1. > > We recommend that you upgrade your libgdata packages. > > Further information about Debian Security Advisories, how to apply > these updates to your system and frequently asked questions can be > found at: http://www.debian.org/security/ > > Mailing list: debian-security-annou...@lists.debian.org
Hi, Wrong subject: s/arpwatch/libgdata/ Cheers, Vincent -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4fca0f2e.8040...@free.fr
