CVE-2012-1177

Priority
Medium
Description
libgdata before 0.10.2 and 0.11.x before 0.11.1 does not validate SSL
certificates, which allows remote attackers to obtain user names and
passwords via a man-in-the-middle (MITM) attack with a spoofed certificate.
References
Bugs
Assigned-to
sbeattie
Package
Upstream:released (0.10.2-1)
Ubuntu 12.04 LTS (Precise Pangolin):not-affected (0.11.1-1)
Patches:
Patch:http://git.gnome.org/browse/libgdata/commit/?id=6799f2c525a584dc998821a6ce897e463dad7840
Patch:http://git.gnome.org/browse/libgdata/commit/?h=libgdata-0-10&id=8eff8fa9138859e03e58c2aa76600ab63eb5c29c
Package
Upstream:needs-triage
Ubuntu 12.04 LTS (Precise Pangolin):not-affected (uses system libgdata)
More Information

Valid XHTML 1.0 Strict

Updated: 2015-07-15 19:39:16 UTC (commit 9690)