You are here
Home > Preporuke > Sigurnosni nedostatak programskog paketa xchat-gnome

Sigurnosni nedostatak programskog paketa xchat-gnome

by ncert - 0

==========================================================================
Ubuntu Security Notice USN-2945-1
April 04, 2016

xchat-gnome vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 15.10
– Ubuntu 14.04 LTS
– Ubuntu 12.04 LTS

Summary:

XChat-GNOME could be made to expose sensitive information over the network.

Software Description:
– xchat-gnome: simple and featureful IRC client for GNOME

Details:

It was discovered that XChat-GNOME incorrectly verified the hostname in an
SSL certificate. An attacker could trick XChat-GNOME into trusting a rogue
server’s certificate, which was signed by a trusted certificate authority,
to perform a man-in-the-middle attack.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 15.10:
xchat-gnome 1:0.30.0~git20141005.816798-0ubuntu6.2

Ubuntu 14.04 LTS:
xchat-gnome
1:0.30.0~git20131003.d20b8d+really20110821-0.2ubuntu12.2

Ubuntu 12.04 LTS:
xchat-gnome 1:0.30.0~git20110821.e2a400-0.2ubuntu4.3

After a standard system update you need to restart XChat-GNOME to make
all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-2945-1
https://launchpad.net/bugs/1565000

Package Information:

https://launchpad.net/ubuntu/+source/xchat-gnome/1:0.30.0~git20141005.816798-0ubuntu6.2

https://launchpad.net/ubuntu/+source/xchat-gnome/1:0.30.0~git20131003.d20b8d+really20110821-0.2ubuntu12.2

https://launchpad.net/ubuntu/+source/xchat-gnome/1:0.30.0~git20110821.e2a400-0.2ubuntu4.3

—–BEGIN PGP SIGNATURE—–
Version: GnuPG v2

iQIcBAEBCgAGBQJXArpBAAoJEGVp2FWnRL6T8l8P/RUBioAPrdkVNFqc56HXWeet
7bpJInTp1dzkP6DFyPpILp6IwMtrf4xnt3vM+Amm4Wjn25IKo3CGWSf2uAiFDjyQ
DFTxoJIG1DJ/U0x1pvd6xSVu2xwK8z/OTnKa5Mz6Ow8x5ezkTG7W/zww2cNII41Z
7y/1uBIDRKclwpYSo299RTLvmJ4VvWziS7rThy94JZjaT/dQ2VQtypqVukLd9Ubl
Q+ZA12QyDfx+bF3ycKwoztcqDQs3eyuPI1VYQxQwwHdQfhZqUQSzacXJ1vg20Pll
iwybQu5nnTeQmriIOuMy0bf9sGVMzBxYyuDiWZfazPfb11LYNCB+MSG2+skNvQF+
gTDISokjMHUiJCnB7/uRxfHdlbQ+VIzSAY+LYd+e1FhgSR12Cf3Ry9kVh89Lyeu3
GI4fekB8ez/CYksrvnR7hvjWXWIu/FJ/lmrlqjVQ1P0F+G5LwSUJYVhlwsmZHLia
8lFBxrL/t5kMPQs8H6mCSQSCGZC5GGGgkfhc/CIVg+lbVcYOsjdFA/BNNL+0sJdH
oZa/+NRKjWQN93Fjk0GaBOcDqLRMFKn88J31qTsm4YMkUCX96R0RLrkxKZntGvP0
C1ofAt+xLoVoJwslBfkUZ8eL4BV234z7ani+fJwx7ALFgveSKI6seg+1RLXWYzno
T2X1JGhnxesV4WOpGHTr
=JB+y
—–END PGP SIGNATURE—–

ncert
Top
More in Preporuke
Sigurnosni nedostaci programskih paketa nss, nss-util i nspr

Otkriveni su sigurnosni nedostaci u programskim paketima nss, nss-util i nspr za operacijski sustav RHEL 6. Otkriveni nedostaci potencijalnim napadačima...

Close