/[advisories]/8933.adv
ViewVC logotype

Annotation of /8933.adv

Parent Directory Parent Directory | Revision Log Revision Log


Revision 142 - (hide annotations) (download)
Sat Jul 6 14:11:26 2013 UTC (6 years, 2 months ago) by boklm
File size: 675 byte(s)
MGASA-2013-0199
1 davidwhodgins 117 type: security
2     subject: Updated jakarta-commons-httpclient package fixes security vulnerability
3     CVE:
4     - CVE-2012-5783
5     src:
6     2:
7     core:
8     - jakarta-commons-httpclient-3.1-3.1.mga2
9     description: |
10     The Jakarta Commons HttpClient component did not verify that the server
11     hostname matched the domain name in the subject's Common Name (CN) or
12     subjectAltName field in X.509 certificates. This could allow a
13     man-in-the-middle attacker to spoof an SSL server if they had a certificate
14     that was valid for any domain name (CVE-2012-5783).
15     references:
16     - https://bugs.mageia.org/show_bug.cgi?id=8933
17     - https://rhn.redhat.com/errata/RHSA-2013-0270.html
18 boklm 142 ID: MGASA-2013-0199

  ViewVC Help
Powered by ViewVC 1.1.26