NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
2bb76ab701
kumquat-buildroot/package/glib-networking/glib-networking.hash
Fabrice Fontaine 8f3d361f5c package/glib-networking: security bump to version 2.62.4 
- Fix CVE-2020-13645: In GNOME glib-networking through 2.64.2, the
  implementation of GTlsClientConnection skips hostname verification of
  the server's TLS certificate if the application fails to specify the
  expected server identity. This is in contrast to its intended
  documented behavior, to fail the certificate verification.
  Applications that fail to provide the server identity, including Balsa
  before 2.5.11 and 2.6.x before 2.6.1, accept a TLS certificate if the
  certificate is valid for any host.
- Update indentation in hash file (two spaces)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[Peter: bump to 2.62.4 rather than 2.64.3]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-06-01 22:37:50 +02:00

4 lines
286 B
Plaintext
Raw Blame History

# From http://ftp.gnome.org/pub/gnome/sources/glib-networking/2.62/glib-networking-2.62.4.sha256sum
sha256 c18f289eec480fdce12044c0a06f77521edf9f460d16ad4213de61f2a3b294cf glib-networking-2.62.4.tar.xz
sha256 dc626520dcd53a22f727af3ee42c770e56c97a64fe3adb063799d8ab032fe551 COPYING
Reference in New Issue View Git Blame Copy Permalink