UbuntuUpdates.org

Package "glib-networking"

Name: glib-networking

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • network-related giomodules for GLib - installed tests

Latest version: 2.48.2-1~ubuntu16.04.2
Release: xenial (16.04)
Level: security
Repository: universe

Links



Other versions of "glib-networking" in Xenial

Repository Area Version
base main 2.48.0-1
base universe 2.48.0-1
security main 2.48.2-1~ubuntu16.04.2
updates main 2.48.2-1~ubuntu16.04.2
updates universe 2.48.2-1~ubuntu16.04.2

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 2.48.2-1~ubuntu16.04.2 2020-06-29 02:06:20 UTC

  glib-networking (2.48.2-1~ubuntu16.04.2) xenial-security; urgency=medium

  * SECURITY UPDATE: Failure to validate TLS certificate hostname in
    certain conditions, contrary to documented behaviour
    - debian/patches/CVE-2020-13645.patch: Fail certificate verification
      when the server identity is missing. Based on upstream patch.
    - debian/patches/update-test-certs-for-gnutls.patch: Update the
      certificates used for unit test. Taken from upstream.
    - debian/patches/allow-insecure-md2-cert-in-test.patch: Allow insecure
      md2 certificate to used for one unit test. Taken from upstream.
    - CVE-2020-13645

 -- Alex Murray <email address hidden> Tue, 23 Jun 2020 16:38:37 +0930

CVE-2020-13645 In GNOME glib-networking through 2.64.2, the implementation of GTlsClientConnection skips hostname verification of the server's TLS certificate if th



About   -   Send Feedback to @ubuntu_updates