{"id":"USN-2945-1","summary":"xchat-gnome vulnerability","details":"It was discovered that XChat-GNOME incorrectly verified the hostname in an\nSSL certificate. An attacker could trick XChat-GNOME into trusting a rogue\nserver's certificate, which was signed by a trusted certificate authority,\nto perform a machine-in-the-middle attack.\n","modified":"2026-02-10T04:40:58Z","published":"2016-04-04T18:12:11Z","references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-2945-1"},{"type":"REPORT","url":"https://launchpad.net/bugs/1565000"}],"affected":[{"package":{"name":"xchat-gnome","ecosystem":"Ubuntu:14.04:LTS","purl":"pkg:deb/ubuntu/xchat-gnome@1:0.30.0~git20131003.d20b8d+really20110821-0.2ubuntu12.2?arch=source&distro=trusty"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:0.30.0~git20131003.d20b8d+really20110821-0.2ubuntu12.2"}]}],"versions":["1:0.30.0~git20110821.e2a400-0.2ubuntu9","1:0.30.0~git20110821.e2a400-0.2ubuntu10","1:0.30.0~git20110821.e2a400-0.2ubuntu11","1:0.30.0~git20110821.e2a400-0.2ubuntu12","1:0.30.0~git20131003.d20b8d-2ubuntu1","1:0.30.0~git20131003.d20b8d+really20110821-0.2ubuntu12","1:0.30.0~git20131003.d20b8d+really20110821-0.2ubuntu12.1"],"ecosystem_specific":{"binaries":[{"binary_name":"xchat-gnome","binary_version":"1:0.30.0~git20131003.d20b8d+really20110821-0.2ubuntu12.2"},{"binary_name":"xchat-gnome-common","binary_version":"1:0.30.0~git20131003.d20b8d+really20110821-0.2ubuntu12.2"}],"availability":"No subscription required"},"database_specific":{"cves_map":{"cves":[],"ecosystem":"Ubuntu:14.04:LTS"},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-2945-1.json"}}],"schema_version":"1.7.3"}