commons-httpclient 3.1-11 source package in Ubuntu
Changelog
commons-httpclient (3.1-11) unstable; urgency=high
* Team upload.
* Add CVE-2014-3577.patch. (Closes: #758086)
It was found that the fix for CVE-2012-6153 was incomplete: the code added
to check that the server hostname matches the domain name in a subject's
Common Name (CN) field in X.509 certificates was flawed. A
man-in-the-middle attacker could use this flaw to spoof an SSL server using
a specially crafted X.509 certificate. The fix for CVE-2012-6153 was
intended to address the incomplete patch for CVE-2012-5783. The issue is
now completely resolved by applying this patch and the
06_fix_CVE-2012-5783.patch.
* Change java.source and java.target ant properties to 1.5, otherwise
commons-httpclient will not compile with this patch.
-- Markus Koschany <email address hidden> Mon, 23 Mar 2015 22:57:54 +0100
Upload details
- Uploaded by:
- Debian Java Maintainers
- Uploaded to:
- Sid
- Original maintainer:
- Debian Java Maintainers
- Architectures:
- all
- Section:
- libs
- Urgency:
- Very Urgent
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| commons-httpclient_3.1-11.dsc | 2.0 KiB | 81b0cbe1b1804c5c43cac7d089ba9ca65fe971ef3015602c8c790193a87eb3a6 |
| commons-httpclient_3.1.orig.tar.gz | 1.8 MiB | f9a496d3418b0e15894fb351652cd4fa5ca434ebfc3ce3bb8da40defd8b097f2 |
| commons-httpclient_3.1-11.debian.tar.xz | 12.2 KiB | 51feecd75226900f90e52eaa2b3660579b0e734740ef07cffb8f1a6c3db9aaeb |
Available diffs
- diff from 3.1-10.2 to 3.1-11 (2.2 KiB)
No changes file available.
Binary packages built by this source
- libcommons-httpclient-java: No summary available for libcommons-httpclient-java in ubuntu wily.
No description available for libcommons-
httpclient- java in ubuntu wily.
- libcommons-httpclient-java-doc: No summary available for libcommons-httpclient-java-doc in ubuntu wily.
No description available for libcommons-
httpclient- java-doc in ubuntu wily.
