From ${URL} : Hexchat did not verify that the server hostname matched the domain name in the subject's Common Name (CN) or subjectAltName field in X.509 certificates. This could allow a man-in-the-middle attacker to spoof an SSL server if they had a certificate that was valid for any domain name. @maintainer(s): since the fixed package is already in the tree, please let us know if it is ready for the stabilization or not.
yes
Arches, please stabilize: =net-irc/hexchat-2.10.2 Stable targets: alpha amd64 arm hppa ia64 ppc ppc64 sparc x86
Stable for HPPA.
arm stable
amd64/x86 stable
sparc stable
ppc64 stable
ppc stable
ia64 stable
alpha stable. Maintainer(s), please cleanup. Security, please vote.
+ 24 Feb 2015; Julian Ospald <hasufell@gentoo.org> -hexchat-2.9.5-r1.ebuild, + -hexchat-2.9.6.1.ebuild, -hexchat-2.9.6.1-r1.ebuild, + -hexchat-2.9.6.1-r2.ebuild, -hexchat-2.10.0-r1.ebuild, + -hexchat-2.10.1.ebuild, -files/hexchat-2.9.1-input-box.patch, + -files/hexchat-2.9.5-cflags.patch, + -files/hexchat-2.9.5-fix_leftclick_opens_menu.patch, + -files/hexchat-2.9.5-gettextize.patch, -files/hexchat-2.9.5-gobject.patch, + -files/hexchat-2.9.6.1-sasl.patch, -files/hexchat-2.9.6.1-xdcc.patch, + -files/hexchat-2.10.0-plugins.patch, -files/hexchat-2.10.0-pofiles.patch, + metadata.xml: + cleanup old wrt #538228
Thanks for cleanup. GLSA Vote: No
GLSA Vote: No