[ubuntu/lucid-security] gajim_0.13-0ubuntu2.1_ia64_translations.tar.gz, gajim, gajim_0.13-0ubuntu2.1_i386_translations.tar.gz, gajim_0.13-0ubuntu2.1_amd64_translations.tar.gz, gajim_0.13-0ubuntu2.1_sparc_translations.tar.gz, gajim_0.13-0ubuntu2.1_armel_translations.tar.gz, gajim_0.13-0ubuntu2.1_powerpc_translations.tar.gz 0.13-0ubuntu2.1 (Accepted)
Julian Taylor
jtaylor at ubuntu.com
Mon May 14 18:03:52 UTC 2012
gajim (0.13-0ubuntu2.1) lucid-security; urgency=low
* SECURITY UPDATE: assisted code execution (LP: #992618)
- debian/patches/CVE-2012-2085.dpatch: fix subprocess call to prevent
shell escape from via crafted messages
https://trac.gajim.org/changeset/bc296e96ac10
- CVE-2012-2085
* SECURITY UPDATE: sql injection in logging code (LP: #992618)
- debian/patches/CVE-2012-2086.dpatch: use a prepated statement
https://trac.gajim.org/changeset/bfd5f94489d8
- CVE-2012-2086
* SECURITY UPDATE: insecure tmpfile creation (LP: #992613)
- debian/patches/CVE-2012-2093.dpatch: use safe tmpfile functions
when convering LaTeX IM messages to png images
Thanks to Nico Golde
- CVE-2012-2093
Date: Thu, 10 May 2012 17:48:53 -0700
Changed-By: Julian Taylor <jtaylor at ubuntu.com>
Maintainer: Nafallo Bjälevik <nafallo at ubuntu.com>
https://launchpad.net/ubuntu/lucid/+source/gajim/0.13-0ubuntu2.1
-------------- next part --------------
Format: 1.8
Date: Thu, 10 May 2012 17:48:53 -0700
Source: gajim
Binary: gajim
Architecture: source
Version: 0.13-0ubuntu2.1
Distribution: lucid-security
Urgency: low
Maintainer: Nafallo Bjälevik <nafallo at ubuntu.com>
Changed-By: Julian Taylor <jtaylor at ubuntu.com>
Description:
gajim - Jabber client written in PyGTK
Launchpad-Bugs-Fixed: 992613 992618 992618
Changes:
gajim (0.13-0ubuntu2.1) lucid-security; urgency=low
.
* SECURITY UPDATE: assisted code execution (LP: #992618)
- debian/patches/CVE-2012-2085.dpatch: fix subprocess call to prevent
shell escape from via crafted messages
https://trac.gajim.org/changeset/bc296e96ac10
- CVE-2012-2085
* SECURITY UPDATE: sql injection in logging code (LP: #992618)
- debian/patches/CVE-2012-2086.dpatch: use a prepated statement
https://trac.gajim.org/changeset/bfd5f94489d8
- CVE-2012-2086
* SECURITY UPDATE: insecure tmpfile creation (LP: #992613)
- debian/patches/CVE-2012-2093.dpatch: use safe tmpfile functions
when convering LaTeX IM messages to png images
Thanks to Nico Golde
- CVE-2012-2093
Checksums-Sha1:
af11b33cb0518d00685efdff02be606a6de63add 1790 gajim_0.13-0ubuntu2.1.dsc
0102d919bde187875b4f4fc32fd32d8fdea8b4aa 13892 gajim_0.13-0ubuntu2.1.diff.gz
Checksums-Sha256:
f936b884292a284ddf91ee114a76a7fb2300b1f05d877117e32bdb6b70dec857 1790 gajim_0.13-0ubuntu2.1.dsc
b14ad993a1822fc1f242b67d9d855fcce688339727593e730e2cf77d48c29f8d 13892 gajim_0.13-0ubuntu2.1.diff.gz
Files:
02643a199d7759ae1db8c94140928a39 1790 net optional gajim_0.13-0ubuntu2.1.dsc
806c461f320099509314fa8dade9e74d 13892 net optional gajim_0.13-0ubuntu2.1.diff.gz
More information about the Lucid-changes
mailing list