Fedora 20 FEDORA-2015-6891 Moderate: async-http-client SSL Issues
fedora
May 8, 2015
Security fix for CVE-2013-7398, CVE-2013-7397
Summary
Async Http Client library purpose is to allow Java applications to
easily execute HTTP requests and asynchronously process the HTTP
responses. The Async HTTP Client library is simple to use.
Update Information:
Security fix for CVE-2013-7398, CVE-2013-7397
Change Log
* Fri Apr 24 2015 Michal Srb
References
[ 1 ] Bug #1133773 - CVE-2013-7398 async-http-client: missing hostname verification for SSL certificates
https://bugzilla.redhat.com/show_bug.cgi?id=1133773
[ 2 ] Bug #1133769 - CVE-2013-7397 async-http-client: SSL/TLS certificate verification is disabled under certain conditions
https://bugzilla.redhat.com/show_bug.cgi?id=1133769
Update Instructions
This update can be installed with the "yum" update program. Use su -c 'yum update async-http-client' at the command line. For more information, refer to "Managing Software with yum", available at .
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Name: async-http-client
Product: Fedora 20
Version: 1.7.22
Release: 2.fc20
Summary: Asynchronous Http Client for Java
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!