Ubuntu
gajim package

lp:~jtaylor/ubuntu/lucid/gajim/multiple-CVE

Created by Julian Taylor on 2012-05-01 and last modified on 2012-05-16

Only Julian Taylor can upload to this branch. If you are Julian Taylor please log in for upload directions.

No branches dependent on this one.

Merged into lp:ubuntu/lucid/gajim

Ubuntu Development Team: Pending requested 2012-05-01

Bug #992613: gajim: CVE-2012-2093 insecure temporary file creation in LaTeX support	Medium	Fix Released
Bug #992618: gajim code execution and sql injection	Medium	Fix Released

55. By Julian Taylor on 2012-05-10: fix missing wait on process end
54. By Julian Taylor on 2012-05-10: fix missing jid tuple in patch
53. By Julian Taylor on 2012-05-01: nicen changelog
52. By Julian Taylor on 2012-05-01: fix error in patch, obj.command is only used in >= 0.14
51. By Julian Taylor on 2012-05-01: Thanks to Nico Golde
50. By Julian Taylor on 2012-05-01: add lp bug numbers
49. By Julian Taylor on 2012-05-01: * SECURITY UPDATE: assisted code execution (LP: #XXX)
  - debian/patches/CVE-2012-2085.dpatch: fix subprocess call to prevent
    shell escape
    https://trac.gajim.org/changeset/bc296e96ac10
  - CVE-2012-2085
* SECURITY UPDATE: sql injection (LP: #XXX)
  - debian/patches/CVE-2012-2086.dpatch: use a prepated statement
    https://trac.gajim.org/changeset/bfd5f94489d8
  - CVE-2012-2086
* SECURITY UPDATE: insecure tmpfile creation(LP: #XXX)
  - debian/patches/CVE-2012-2093.dpatch: use safe tmpfile functions
  - CVE-2012-2093
48. By Chris Coulson on 2009-12-15: * debian/control:
- Change python-gnome2-extras recommends to python-eggtrayicon.
The former package has gone away in Lucid.
47. By Maia Kozheva <sikon@maia-desktop> on 2009-11-25: Removed installation for .so files
46. By Maia Kozheva <sikon@maia-desktop> on 2009-11-25: Removed obsolete patches

This branch contains Public information

Everyone can see this information.