godotengine/buildroot
1
0
Fork 0
mirror of https://github.com/godotengine/buildroot.git synced 2026-01-02 21:48:20 +03:00
Code Issues Packages Projects Releases Wiki Activity
Files
3f231091c480ea2fb4e5edaaffcc75665c46bb58
buildroot/package/glib-networking
History
Fabrice Fontaine c128c6384b package/glib-networking: security bump to version 2.62.4 
- Fix CVE-2020-13645: In GNOME glib-networking through 2.64.2, the
  implementation of GTlsClientConnection skips hostname verification of
  the server's TLS certificate if the application fails to specify the
  expected server identity. This is in contrast to its intended
  documented behavior, to fail the certificate verification.
  Applications that fail to provide the server identity, including Balsa
  before 2.5.11 and 2.6.x before 2.6.1, accept a TLS certificate if the
  certificate is valid for any host.
- Update indentation in hash file (two spaces)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[Peter: bump to 2.62.4 rather than 2.64.3]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 8f3d361f5c)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-06-02 11:34:36 +02:00
..
Config.in
glib-networking.hash
package/glib-networking: security bump to version 2.62.4
2020-06-02 11:34:36 +02:00
glib-networking.mk
package/glib-networking: security bump to version 2.62.4
2020-06-02 11:34:36 +02:00