oss-sec mailing list archives
Re: CVE Request: libgdata did not verify SSL certificates
From: Kurt Seifried <kseifried () redhat com>
Date: Wed, 14 Mar 2012 12:03:34 -0600
On 03/14/2012 05:46 AM, Marc Deslauriers wrote:
On Wed, 2012-03-14 at 08:54 +0100, Ludwig Nussel wrote:Hi, libgdata did not verify SSL certificates: http://git.gnome.org/browse/libgdata/commit/?id=6799f2c525a584dc998821a6ce897e463dad7840 http://git.gnome.org/browse/libgdata/commit/?h=libgdata-0-10&id=8eff8fa9138859e03e58c2aa76600ab63eb5c29c https://bugzilla.gnome.org/show_bug.cgi?id=671535 https://bugzilla.novell.com/show_bug.cgi?id=752088Please credit Vreixo Formoso for having discovered this. https://bugs.launchpad.net/ubuntu/+source/libgdata/+bug/938812 Thanks, Marc.
Please use CVE-2012-1177 for this issue. -- Kurt Seifried Red Hat Security Response Team (SRT)
Current thread:
- CVE Request: libgdata did not verify SSL certificates Ludwig Nussel (Mar 14)
- Re: CVE Request: libgdata did not verify SSL certificates Marc Deslauriers (Mar 14)
- Re: CVE Request: libgdata did not verify SSL certificates Kurt Seifried (Mar 14)
- Re: CVE Request: libgdata did not verify SSL certificates Marc Deslauriers (Mar 14)