Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

CVE-2011-4409

Publication date 6 June 2012

Last updated 24 July 2024

Ubuntu priority

Medium

Why this priority?

The Ubuntu One Client for Ubuntu 10.04 LTS, 11.04, 11.10, and 12.04 LTS does not properly validate SSL certificates, which allows remote attackers to spoof a server and modify or read sensitive information via a man-in-the-middle (MITM) attack.

Status

Package Ubuntu Release Status
ubuntuone-client 12.04 LTS precise
Fixed 3.0.0-0ubuntu1.1
11.10 oneiric
Fixed 2.0.1-0ubuntu1.1
11.04 natty
Fixed 1.6.2-0ubuntu2.1
10.04 LTS lucid
Fixed 1.2.2-0ubuntu2.2
8.04 LTS hardy Not in release
ubuntuone-storage-protocol 12.04 LTS precise
Fixed 3.0.0-0ubuntu1.1
11.10 oneiric
Fixed 2.0.1-0ubuntu1.1
11.04 natty
Fixed 1.6.1-0ubuntu1.2
10.04 LTS lucid
Fixed 1.2.0-0ubuntu1.1
8.04 LTS hardy Not in release

References

Related Ubuntu Security Notices (USN)

    • USN-1465-2
    • Ubuntu One storage protocol update
    • 6 June 2012
    • USN-1465-3
    • Ubuntu One Client regression
    • 6 June 2012
    • USN-1465-1
    • Ubuntu One Client vulnerability
    • 6 June 2012

Other references