[liblwp-protocol-https-perl] 01/02: Add CVE reference
Salvatore Bonaccorso
carnil at debian.org
Tue May 13 20:49:09 UTC 2014
This is an automated email from the git hooks/post-receive script.
carnil pushed a commit to branch master
in repository liblwp-protocol-https-perl.
commit 434df35a3c4608fdc00efd0c9a79e8e014ee8d25
Author: Salvatore Bonaccorso <carnil at debian.org>
Date: Tue May 13 22:45:10 2014 +0200
Add CVE reference
---
debian/changelog | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/debian/changelog b/debian/changelog
index 965e079..e96b14c 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -11,7 +11,7 @@ liblwp-protocol-https-perl (6.04-3) UNRELEASED; urgency=medium
Fixes "HTTPS_CA_DIR or HTTPS_CA_FILE disables peer certificate
verification for IO::Socket::SSL". When the intention was to only
disable hostname verification LWP::Protocol::HTTPS disabled also the
- peer certificate verification completely.
+ peer certificate verification completely. (CVE-2014-3230)
Thanks to Jakub Wilk and Steffen Ullrich (Closes: #746579)
* Update fix-https-proxy for fixed behaviour of LWP::Protocol::https
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-perl/packages/liblwp-protocol-https-perl.git
More information about the Pkg-perl-cvs-commits
mailing list