This bug was fixed in the package hexchat - 2.9.6.1-2ubuntu0.1
--------------- hexchat (2.9.6.1-2ubuntu0.1) trusty-security; urgency=medium
* SECURITY UPDATE: no ssl hostname verification (LP: #1565000) - debian/patches/validate_ssl_hostnames.patch: properly validate hostnames in src/common/server.c, src/common/ssl.c, src/common/ssl.h. - CVE number pending * SECURITY UPDATE: missing ssl certificate handled incorrectly - debian/patches/handle_missing_ssl_cert.patch: fail connection if certificate isn't found in src/common/server.c. - No CVE number
-- Marc Deslauriers <email address hidden> Fri, 01 Apr 2016 19:53:41 -0400
This bug was fixed in the package hexchat - 2.9.6.1-2ubuntu0.1
--------------- 1-2ubuntu0. 1) trusty-security; urgency=medium
hexchat (2.9.6.
* SECURITY UPDATE: no ssl hostname verification (LP: #1565000) patches/ validate_ ssl_hostnames. patch: properly validate server. c, src/common/ssl.c, src/common/ssl.h. patches/ handle_ missing_ ssl_cert. patch: fail connection if server. c.
- debian/
hostnames in src/common/
- CVE number pending
* SECURITY UPDATE: missing ssl certificate handled incorrectly
- debian/
certificate isn't found in src/common/
- No CVE number
-- Marc Deslauriers <email address hidden> Fri, 01 Apr 2016 19:53:41 -0400