apache-commons-httpclient

SHA256

forked from pool/apache-commons-httpclient

Go to file

Fridrich Strba 6f51036dc3 Accepting request 844266 from home:pmonrealgonzalez:branches:Java:packages

- Security fix [bsc#945190, CVE-2015-5262]
  * http/conn/ssl/SSLConnectionSocketFactory.java ignores the
    http.socket.timeout configuration setting during an SSL handshake,
    which allows remote attackers to cause a denial of service (HTTPS
    call hang) via unspecified vectors.
- Add apache-commons-httpclient-CVE-2015-5262.patch

- Security fix [bsc#1178171, CVE-2014-3577]
  * org.apache.http.conn.ssl.AbstractVerifier does not properly
    verify that the server hostname matches a domain name in the
    subject's Common Name (CN) or subjectAltName field of the X.509
    certificate, which allows MITM attackers to spoof SSL servers
    via a "CN=" string in a field in the distinguished name (DN)
    of a certificate.
- Add apache-commons-httpclient-CVE-2014-3577.patch

OBS-URL: https://build.opensuse.org/request/show/844266
OBS-URL: https://build.opensuse.org/package/show/Java:packages/apache-commons-httpclient?expand=0&rev=25

2020-11-02 14:43:49 +00:00

.gitattributes

Accepting request 150900 from home:posophe

2013-02-05 12:54:40 +00:00

.gitignore

Accepting request 150900 from home:posophe

2013-02-05 12:54:40 +00:00

apache-commons-httpclient-addosgimanifest.patch

Accepting request 150900 from home:posophe

2013-02-05 12:54:40 +00:00

apache-commons-httpclient-CVE-2014-3577.patch

Accepting request 844266 from home:pmonrealgonzalez:branches:Java:packages