[Mageia-dev] Freeze push: gnome-online-accounts 3.6.3
Jani Välimaa
wally at mageia.org
Mon Mar 4 18:43:43 CET 2013
Hi,
please push new gnome-online-accounts.
CVE-2013-0240 was already fixed with a patch, but it's now applied by
upstream. Another CVE is also fixed.
Begin forwarded message:
Date: Mon, 4 Mar 2013 14:33:39 +0000
From: Debarshi Ray <rishi.is at lostca.se>
To: GNOME Distributors List <distributor-list at gnome.org>
Subject: GNOME Online Accounts 3.6.3 fixes 2 CVEs
Hello distributors and packagers!
If you are shipping GNOME 3.6.x, you should update
gnome-online-accounts to 3.6.3 because it fixes the following 2 CVEs:
- 693214 Guard against invalid SSL certificates (CVE-2013-0240)
- 695106 Do not send the credentials before notifying the user of an
invalid SSL certificate (CVE-2013-1799)
-------------- next part --------------
_______________________________________________
distributor-list mailing list
distributor-list at gnome.org
https://mail.gnome.org/mailman/listinfo/distributor-list
More information about the Mageia-dev
mailing list