Bug#692650: Patches for CVE-2012-5783 and CVE-2012-5784
Alberto Fernández
infjaf at gmail.com
Thu Nov 22 23:03:59 UTC 2012
El jue, 22-11-2012 a las 04:00 -0500, Michael Gilbert escribió:
> > I've backported the routine to validate certificate name, and I've made
> > a patch (attached).
> >
> > I'm not sure it's a good idea apply the patch, it can break programs
> > that connect with "bad" hostnames (ips, host in /etc/hostname, etc)
>
> Would you mind getting your patches for these issues reviewed and
> applied by the appropriate upstreams?
>
> Thanks,
> Mike
Hi Mike
I've read your tip again. Sorry for not understanding in the first
time.
I'll prepare the patch again upstream, and post it on their BTS.
More information about the pkg-java-maintainers
mailing list