Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 539640 (CVE-2014-0139) - <net-ftp/lftp-4.6.2:incorrectly validates wildcard SSL certificates containing literal IP addresses using code borrowed from libcurl (CVE-2014-0139)
Summary: <net-ftp/lftp-4.6.2:incorrectly validates wildcard SSL certificates containin...
Status: RESOLVED FIXED
Alias: CVE-2014-0139
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
URL: http://comments.gmane.org/gmane.netwo...
Whiteboard: B4 [noglsa]
Keywords:
Depends on: 536036
Blocks:
  Show dependency tree
 
Reported: 2015-02-10 15:58 UTC by Jeroen Roovers (RETIRED)
Modified: 2015-06-30 22:37 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Jeroen Roovers (RETIRED) gentoo-dev 2015-02-10 15:58:14 UTC
This is already addressed in a development release 4.6.1.20150210 but not in a stable release.
Comment 1 Jeroen Roovers (RETIRED) gentoo-dev 2015-05-25 05:30:27 UTC
All done.
Comment 2 Yury German Gentoo Infrastructure gentoo-dev 2015-06-06 15:00:08 UTC
Arches and Maintainer(s), Thank you for your work.

Security Please Vote.
First GLSA Vote: No
Comment 3 Tobias Heinlein (RETIRED) gentoo-dev 2015-06-30 22:37:58 UTC
NO too, closing.