[SECURITY] [DLA 413-1] gajim security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 413-1] gajim security update
From: Brian May <bam@debian.org>
Date: Tue, 9 Feb 2016 17:27:21 +1100
Message-id: <[🔎] 20160209062721.GA8042@prune.linuxpenguins.xyz>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Package        : gajim
Version        : 0.13.4-3+squeeze4
CVE ID         : CVE-2015-8688
Debian Bug     : 809900

Affected versions of gajim allow remote attackers to modify the roster
and intercept messages via a crafted roster-push IQ stanza.

This has been fixed in squeeze-lts by version 0.13.4-3+squeeze4.
- -- 
Brian May <bam@debian.org>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJWuYbJAAoJEJyE7hq50CY2ZDcP/1uZWuhWwScnxd7kqfBQUYp8
G8PSLTL5yJVWoPW32eDADuFP/7qsKcb7rMDhaAuBl4ZRs9BFCEN3l72qbpZTe6zW
xi2M9oABIJkvFvYG4UWFikF59tJcw/r0QlIu1dcMG/5UaAGhc7/KP8U8AGCbHrMP
HNpLCIs3DQnOyxCY6OPoQk/IykDOq9HTWe9jkRoid0oS4dhqG04zGTB9HwxhUhZY
/HK0XUCaa5EwIxUKkvZnxrRzG2HUt8C6jVyv6gZluXWojadJcnhMw7ENZgJQSZ2C
oBDS/hqSiLmT0I9W25Nz35BXqk10ds45TLBYahD3hO7grUewvZeAkEtZbpXujWRy
yOTgPyEujHKuhSi+3YNRGqOEx6Eldp/JXcTLpmReyecEUe7fpeZt8jouJFmNBkvm
YlzTj23MjTEuD4Hkdwh1wSphgJoUEggKVbIUFb2m0Suo0hQRwVHZ3hrf5RS4AHJw
E6RFjX95B8p6M1X5XCB8mZIOzNlVHqoTW0l5j6ZUSUwsr8wGP1OA5iQnQD3eUaoT
EXsErtsbN0obMZ4MXDvMKXFW7A6hpKHOawBcqt0VyRu3k8/yzSuaO+BwPhuAHbtC
8v7ZrLfAnIwRVcHSrmDuWmhAoJB35YsA5rnal1IHx7Wwtj1vgRljtSpn9FEonF8r
JkkFySsd6STAs/wq8nDK
=l0fB
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 412-1] linux-2.6 security update
Next by Date: [SECURITY] [DLA 411-2] eglibc regression update
Previous by thread: [SECURITY] [DLA 412-1] linux-2.6 security update
Next by thread: [SECURITY] [DLA 411-2] eglibc regression update
Index(es):
- Date
- Thread