Comment 36 for bug 1409142
Revision history for this message
| Jeremy Stanley (fungi) wrote Re: Websocket Hijacking Vulnerability in Nova VNC Server (CVE-2015-0259) | #36 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
0e1f616
(Get the code!)
I suspect (but would love to be proven wrong) that any fix involving adding configuration to handle these situations will be at odds with our stable branch change policy, and as such would not be covered by the security advisory since it would only be mitigated thoroughly in the master branch and next major release.