Package "commons-httpclient"

Name:	commons-httpclient
Description:	This package is just an umbrella for a group of other packages, it has no description. Description samples from packages in group: A Java(TM) library for creating HTTP clients Documentation for libcommons-httpclient-java
Latest version:	3.1-10.2ubuntu0.14.04.1
Release:	trusty (14.04)
Level:	security
Repository:	main

Links

Raw Package Information

All versions of this package

Bug fixes

List of files in package

Repository home page

Other versions of "commons-httpclient" in Trusty

Repository	Area	Version
base	main	3.1-10.2
updates	main	3.1-10.2ubuntu0.14.04.1

Packages in group

Deleted packages are displayed in grey.

Changelog

Version: 3.1-10.2ubuntu0.14.04.1 2015-10-14 16:06:25 UTC

commons-httpclient (3.1-10.2ubuntu0.14.04.1) trusty-security; urgency=medium * SECURITY UPDATE: improper certificate hostname verification - debian/patches/CVE-2014-3577.patch: fix Common Name logic in src/java/org/apache/commons/httpclient/protocol/SSLProtocolSocketFactory.java. - CVE-2014-3577 * SECURITY UPDATE: denial of service via failure to set socket timeout - debian/patches/CVE-2015-5262.patch: respect configured timeout in src/java/org/apache/commons/httpclient/protocol/SSLProtocolSocketFactory.java. - CVE-2015-5262 * debian/ant.properties: bump version to 1.5 to handle security fixes. -- Marc Deslauriers Thu, 01 Oct 2015 08:51:52 -0400

CVE-2014-3577	org.apache.http.conn.ssl.AbstractVerifier in Apache HttpComponents HttpClient before 4.3.5 and HttpAsyncClient before 4.0.2 does not properly verify
CVE-2015-5262	Possible DoS due to failure to set socket timeout on SSL connections

About - Send Feedback to @ubuntu_updates

Package "commons-httpclient"

Links

Other versions of "commons-httpclient" in Trusty

Packages in group

Changelog

Share this page

Bookmarks

Latest updates

updates

security

proposed

PPA updates