USN-2945-1

See a problem?
Please try reporting it to the source first.

Source

https://ubuntu.com/security/notices/USN-2945-1

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-2945-1.json

JSON Data

https://api.osv.dev/v1/vulns/USN-2945-1

Published

2016-04-04T18:12:11Z

Modified

2026-02-10T04:40:58Z

Summary

xchat-gnome vulnerability

Details

It was discovered that XChat-GNOME incorrectly verified the hostname in an SSL certificate. An attacker could trick XChat-GNOME into trusting a rogue server's certificate, which was signed by a trusted certificate authority, to perform a machine-in-the-middle attack.

References

Affected packages

Ubuntu:14.04:LTS / xchat-gnome

Package

Name: xchat-gnome
Purl: pkg:deb/ubuntu/xchat-gnome@1:0.30.0~git20131003.d20b8d+really20110821-0.2ubuntu12.2?arch=source&distro=trusty

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:0.30.0~git20131003.d20b8d+really20110821-0.2ubuntu12.2

Affected versions

1:0.*

1:0.30.0~git20110821.e2a400-0.2ubuntu9

1:0.30.0~git20110821.e2a400-0.2ubuntu10

1:0.30.0~git20110821.e2a400-0.2ubuntu11

1:0.30.0~git20110821.e2a400-0.2ubuntu12

1:0.30.0~git20131003.d20b8d-2ubuntu1

1:0.30.0~git20131003.d20b8d+really20110821-0.2ubuntu12

1:0.30.0~git20131003.d20b8d+really20110821-0.2ubuntu12.1

Ecosystem specific

{
    "binaries": [
        {
            "binary_version": "1:0.30.0~git20131003.d20b8d+really20110821-0.2ubuntu12.2",
            "binary_name": "xchat-gnome"
        },
        {
            "binary_version": "1:0.30.0~git20131003.d20b8d+really20110821-0.2ubuntu12.2",
            "binary_name": "xchat-gnome-common"
        }
    ],
    "availability": "No subscription required"
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-2945-1.json"

cves_map

{
    "cves": [],
    "ecosystem": "Ubuntu:14.04:LTS"
}