~ubuntu-branches/ubuntu/lucid/gajim/lucid-security

Viewing all changes in revision 49.

  • Committer: Package Import Robot
  • Author(s): Julian Taylor
  • Date: 2012-05-10 17:48:53 UTC
  • Revision ID: package-import@ubuntu.com-20120510174853-o6iecm81m8bc0g0i
Tags: 0.13-0ubuntu2.1
* SECURITY UPDATE: assisted code execution (LP: #992618)
  - debian/patches/CVE-2012-2085.dpatch: fix subprocess call to prevent
    shell escape from via crafted messages
    https://trac.gajim.org/changeset/bc296e96ac10
  - CVE-2012-2085
* SECURITY UPDATE: sql injection in logging code (LP: #992618)
  - debian/patches/CVE-2012-2086.dpatch: use a prepated statement
    https://trac.gajim.org/changeset/bfd5f94489d8
  - CVE-2012-2086
* SECURITY UPDATE: insecure tmpfile creation (LP: #992613)
  - debian/patches/CVE-2012-2093.dpatch: use safe tmpfile functions
    when convering LaTeX IM messages to png images
    Thanks to Nico Golde
  - CVE-2012-2093

expand all expand all

Show diffs side-by-side

added added

removed removed

Lines of Context: