You are here
Home > Preporuke > Sigurnosna nedogradnja programskog paketa gajim

Sigurnosna nedogradnja programskog paketa gajim

by ncert - 0
  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LDE

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA512

– ————————————————————————-
Debian Security Advisory DSA-3492-2 security@debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
February 28, 2016 https://www.debian.org/security/faq
– ————————————————————————-

Package : gajim
Debian Bug : 816158

The wheezy part of the previous gajim update, DSA-3492-1, was
incorrectly built resulting in an unsatisfiable dependency. This update
corrects that problem. For reference, the original advisory text
follows.

Daniel Gultsch discovered a vulnerability in Gajim, an XMPP/jabber
client. Gajim didn’t verify the origin of roster update, allowing an
attacker to spoof them and potentially allowing her to intercept
messages.

For the oldstable distribution (wheezy), this problem has been fixed
in version 0.15.1-4.1+deb7u2.

We recommend that you upgrade your gajim packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
—–BEGIN PGP SIGNATURE—–
Version: GnuPG v1

iQIcBAEBCgAGBQJW0tQFAAoJEAVMuPMTQ89EGVUP/2cWsnn9rzv7aodGQ9S+5gml
gN+2NpsfsWIo8D0m8As9cZUqJG72NbWOyjc/IbORiyCzVcTt9NsVVNZd1Pbf7ThU
C6hK1WQIDZUOETerlLD3Ai6upLm9cOqjtAQwiKFdwDH40U9BSst3wMk1vxvcjRxa
6i6CHCdsRKw7XJ+K9WolptblqAEz1FtTltWyxoCuDKDYoJfWmA90aJYWOYbHnprb
eCFCu6/EPmnz3k2L257uf1bBQojuOQupLgpQFaGJ7QaAgDTw15As4l8fSZPt4wMu
nwj8cU5m/JluQUigw+6bk6GrfFhRm6iNXx2chC50D+gYi4hHxejj/rFLcqKPpi6S
7O1nXrRzLa1X8YTPME6Gw1cpsKmy1nhK2OJbDhBvNbjxIK5XBRDsxiz0vmJg7PsR
9513DR0VVb2D1Jfr1lnsZFH8K6S8bMcP0NZWtnt95WDlesjANBXOBQU8M4Whl3RJ
8S2RGcJSikyejA+C5eAG9c0ESGkb0lnSn7vMLTbi+AKo6cG1WT0aVYDBRNj4oiZO
jeAcIB7+aey9rvNvLFsNJE+Lh2kDXZQ3Zsl1BAtcuzbNimEXcfuufqatR5OO3h3D
pO/mH7yw4/uCZt37I2ESyAgRczv2PW+Hj5aI4uOKtjoaDTb2BkbzZgWHqnVw53dl
CKP4SaFLyz06KznV+Vcr
=i0Lp
—–END PGP SIGNATURE—–

AutorMarijo Plepelic
Cert idNCERT-REF-2016-02-0016-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
Izvorhttp://www.adobe.com/
ncert
Top
More in Preporuke
Ranjivost programskog paketa rubygem-actionview

Otkrivena je ranjivost zaobilaženja direktorija u komponenti Action View unutar programskog paketa rubygem-actionview za Fedoru. Ranjivost potencijalnom udaljenom napadaču omogućuje...

Close