GNOME Online Accounts Vulnerability Closed by Canonical

Several Ubuntu operating systems have been affected by this problem

  Ubuntu 12.04 LTS desktop
On March 25, Canonical published in a security notice details about a GNOME Online Accounts vulnerability for its Ubuntu 12.10, Ubuntu 12.04 LTS, and Ubuntu 11.10 operating systems.

On March 25, Canonical published in a security notice details about a GNOME Online Accounts vulnerability for its Ubuntu 12.10, Ubuntu 12.04 LTS, and Ubuntu 11.10 operating systems.

According to Canonical, GNOME Online Accounts could be made to expose sensitive information over the network.

It was discovered that GNOME Online Accounts did not properly check SSL certificates when configuring online accounts. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to alter or compromise credentials and confidential information.

The security flaws can be fixed if you upgrade your system(s) to the latest libgoa-1.0-0 and gnome-online-accounts packages, specific to each distribution. To apply the update, run the Update Manager application.

In general, a standard system update will make all the necessary changes. A system restart won't be necessary to implement the changes.

Comments