ALT Linux Team

Package gajim update in t7 on 2014-04-29

ALT-PU-2014-1557-1

Package gajim updated to version 0.16-alt0.0.M70P.1 for branch t7 in task 118979.

Closed vulnerabilities

Published: 2012-08-28
Modified: 2024-11-21

CVE-2012-2085

The exec_command function in common/helpers.py in Gajim before 0.15 allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in an href attribute.

Severity: MEDIUM (6.8)
References:
Published: 2012-11-24
Modified: 2024-11-21

CVE-2012-2086

SQL injection vulnerability in the get_last_conversation_lines function in common/logger.py in Gajim before 0.15 allows remote attackers to execute arbitrary SQL commands via the jig parameter.

Severity: HIGH (7.5)
References:
Published: 2014-02-08
Modified: 2024-11-21

CVE-2012-5524

The _ssl_verify_callback function in tls_nb.py in Gajim before 0.15.3 does not properly verify SSL certificates, which allows remote attackers to conduct man-in-the-middle (MITM) attacks and spoof servers via an arbitrary certificate from a trusted CA.

Severity: MEDIUM (4.3)
References:

Closed bugs

Bug #27732

Gajim не запускается

VKontakte | Telegram | YouTube | Forum | GitHub | Bugzilla
Version: 2.1.0
Back to top