Bug#719922: pu: package python-httplib2/0.7.4-2

To: Vincent Bernat <bernat@debian.org>, 719922@bugs.debian.org
Subject: Bug#719922: pu: package python-httplib2/0.7.4-2
From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Date: Fri, 16 Aug 2013 22:22:40 +0100
Message-id: <[🔎] 1376688160.32416.9.camel@jacala.jungle.funky-badger.org>
Reply-to: "Adam D. Barratt" <adam@adam-barratt.org.uk>, 719922@bugs.debian.org
In-reply-to: <[🔎] 20130816205156.16480.21644.reportbug@guybrush.luffy.cx>
References: <[🔎] 20130816205156.16480.21644.reportbug@guybrush.luffy.cx>

Control: tags -1 + confirmed wheezy

On Fri, 2013-08-16 at 22:51 +0200, Vincent Bernat wrote:
> python-httplib2 currently in stable has a small security issue where a
> certificate hostname mismatched is catched the first time but not the
> second time. This issue has been fixed in unstable and the security
> does not think this bug is important enough to get a DSA and propose
> it to be fixed in the next point release:
>  http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=706602

+  * Stable update to fix CVE-2013-2037, #706602 by applying the same patch
+    as in unstable.

Feel free to use "Closes: #706602" there. :-)

Please go ahead; thanks.

Regards,

Adam

Reply to:

Follow-Ups:
- Bug#719922: pu: package python-httplib2/0.7.4-2
  - From: "Adam D. Barratt" <adam@adam-barratt.org.uk>

References:
- Bug#719922: pu: package python-httplib2/0.7.4-2
  - From: Vincent Bernat <bernat@debian.org>

Prev by Date: Bug#719922: pu: package python-httplib2/0.7.4-2
Next by Date: Processed: Re: Bug#719922: pu: package python-httplib2/0.7.4-2
Previous by thread: Bug#719922: pu: package python-httplib2/0.7.4-2
Next by thread: Bug#719922: pu: package python-httplib2/0.7.4-2
Index(es):
- Date
- Thread