Описание
Shotwell version 0.22.0 (and possibly other versions) is vulnerable to a TLS/SSL certification validation flaw resulting in a potential for man in the middle attacks.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| shotwell | fixed | 0.22.0-3 | package | |
| shotwell | no-dsa | jessie | package | |
| shotwell | no-dsa | wheezy | package | |
| shotwell | no-dsa | squeeze | package |
Примечания
https://www.openwall.com/lists/oss-security/2015/12/04/4
https://bugzilla.gnome.org/show_bug.cgi?id=754488
Связанные уязвимости
Shotwell version 0.22.0 (and possibly other versions) is vulnerable to a TLS/SSL certification validation flaw resulting in a potential for man in the middle attacks.
Shotwell version 0.22.0 (and possibly other versions) is vulnerable to a TLS/SSL certification validation flaw resulting in a potential for man in the middle attacks.
Shotwell version 0.22.0 (and possibly other versions) is vulnerable to a TLS/SSL certification validation flaw resulting in a potential for man in the middle attacks.
Shotwell version 0.22.0 (and possibly other versions) is vulnerable to a TLS/SSL certification validation flaw resulting in a potential for man in the middle attacks.