lp:~jtaylor/ubuntu/lucid/gajim/multiple-CVE
Created by
Julian Taylor
and last modified
- Get this branch:
- bzr branch lp:~jtaylor/ubuntu/lucid/gajim/multiple-CVE
Only
Julian Taylor
can upload to this branch. If you are
Julian Taylor
please log in for upload directions.
Branch merges
Propose for merging
No branches
dependent on this one.
- Ubuntu Development Team: Pending requested
-
Diff: 376 lines (+347/-0)5 files modifieddebian/changelog (+19/-0)
debian/patches/00list (+3/-0)
debian/patches/CVE-2012-2085.dpatch (+54/-0)
debian/patches/CVE-2012-2086.dpatch (+157/-0)
debian/patches/CVE-2012-2093.dpatch (+114/-0)
Related bugs
Bug #992613: gajim: CVE-2012-2093 insecure temporary file creation in LaTeX support | Medium | Fix Released | |
Bug #992618: gajim code execution and sql injection | Medium | Fix Released |
Related blueprints
Branch information
- Owner:
- Julian Taylor
- Status:
- Merged
Recent revisions
- 49. By Julian Taylor
-
* SECURITY UPDATE: assisted code execution (LP: #XXX)
- debian/patches/ CVE-2012- 2085.dpatch: fix subprocess call to prevent
shell escape
https://trac.gajim. org/changeset/ bc296e96ac10
- CVE-2012-2085
* SECURITY UPDATE: sql injection (LP: #XXX)
- debian/patches/ CVE-2012- 2086.dpatch: use a prepated statement
https://trac.gajim. org/changeset/ bfd5f94489d8
- CVE-2012-2086
* SECURITY UPDATE: insecure tmpfile creation(LP: #XXX)
- debian/patches/ CVE-2012- 2093.dpatch: use safe tmpfile functions
- CVE-2012-2093 - 48. By Chris Coulson
-
* debian/control:
- Change python-gnome2- extras recommends to python-eggtrayicon.
The former package has gone away in Lucid.
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/quantal/gajim