Canonical Fixes Telepathy-idle Exploit in Ubuntu 13.04

Users will have to update and restart the operating system

On May 10, in a security notice Canonical published details about a telepathy-idle vulnerability for its Ubuntu 13.04, Ubuntu 12.10, and Ubuntu 12.04 LTS operating systems.

According to Canonical, telepathy-idle could have been made to expose sensitive information over the network.

It was discovered that telepathy-idle did not perform any server certificate validation when using SSL connections.

If a remote attacker were able to perform a man-in-the-middle attack, this flaw could be

exploited to alter or compromise confidential information.

The security flaws can be fixed if you upgrade your system(s) to the latest telepathy-idle package, specific to the distribution. To apply the update, run the Update Manager application.

In general, a standard system update will make all the necessary changes. After the system update, you need to reboot your computer to make all the necessary changes.

Hot right now  ·  Latest news