* SECURITY UPDATE: MITM via incorrect ssl cert validation (LP: #882062)
- debian/patches/CVE-2011-4409.patch: use pycurl instead of urllib2 in
bin/ubuntuone-preferences, tests/syncdaemon/test_action_queue.py,
use pycurl instead of urllib2 and send hostname for validation in
ubuntuone/syncdaemon/action_queue.py, use correct URL in
data/syncdaemon.conf, correctly verify hostname in
ubuntuone/oauthdesktop/auth.py, send hostname for validation in
ubuntuone/u1sync/client.py, use pycurl instead of urllib2 in
ubuntuone/utils/*, ship utils directory in Makefile.*.
- debian/python-ubuntuone-client.install: also ship new utils
directory.
- debian/control: bump python-ubuntuone-storageprotocol dependency to
security update.
- debian/control: add python-pycurl dependency.
- debian/rules: remove simple-patchsys.mk as this is a quilt package.
- CVE-2011-4409
-- Marc Deslauriers <email address hidden> Thu, 31 May 2012 10:47:06 -0400
This bug was fixed in the package ubuntuone-client - 1.2.2-0ubuntu2.2
---------------
ubuntuone-client (1.2.2-0ubuntu2.2) lucid-security; urgency=low
* SECURITY UPDATE: MITM via incorrect ssl cert validation (LP: #882062)
- debian/patches/CVE-2011-4409.patch: use pycurl instead of urllib2 in
bin/ubuntuone-preferences, tests/syncdaemon/test_action_queue.py,
use pycurl instead of urllib2 and send hostname for validation in
ubuntuone/syncdaemon/action_queue.py, use correct URL in
data/syncdaemon.conf, correctly verify hostname in
ubuntuone/oauthdesktop/auth.py, send hostname for validation in
ubuntuone/u1sync/client.py, use pycurl instead of urllib2 in
ubuntuone/utils/*, ship utils directory in Makefile.*.
- debian/python-ubuntuone-client.install: also ship new utils
directory.
- debian/control: bump python-ubuntuone-storageprotocol dependency to
security update.
- debian/control: add python-pycurl dependency.
- debian/rules: remove simple-patchsys.mk as this is a quilt package.
- CVE-2011-4409
-- Marc Deslauriers <email address hidden> Thu, 31 May 2012 10:47:06 -0400