oss-sec mailing list archives

Re: [CVE Assignment Notification] CVE-2013-0240 - Gnome Online Accounts (GOA) (previously) failed to verify SSL certificates when creating e.g. Windows Live or Facebook accounts

From: Simon McVittie <smcv () debian org>
Date: Tue, 05 Feb 2013 17:08:06 +0000

On 05/02/13 16:12, Jan Lieskovsky wrote:

  it was found that Gnome Online Accounts (GOA)
did not perform SSL certificate validation, when
performing Windows Live and Facebook accounts creation.

...

The CVE identifier of CVE-2013-0240 has been assigned
to this issue.


Now that this is public, I've opened GNOME bug
https://bugzilla.gnome.org/show_bug.cgi?id=693214 to track this bug and
its fixes for the various available branches.

    S

Current thread:

[CVE Assignment Notification] CVE-2013-0240 - Gnome Online Accounts (GOA) (previously) failed to verify SSL certificates when creating e.g. Windows Live or Facebook accounts Jan Lieskovsky (Feb 05)
- Re: [CVE Assignment Notification] CVE-2013-0240 - Gnome Online Accounts (GOA) (previously) failed to verify SSL certificates when creating e.g. Windows Live or Facebook accounts Simon McVittie (Feb 05)