drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mangelnde Prüfung von Zertifikaten in Gajim (Aktualisierung)
Name: |
Mangelnde Prüfung von Zertifikaten in Gajim (Aktualisierung) |
|
ID: |
DSA-3492-2 |
|
Distribution: |
Debian |
|
Plattformen: |
Debian wheezy |
|
Datum: |
So, 28. Februar 2016, 22:57 |
|
Referenzen: |
Keine Angabe |
|
Applikationen: |
Gajim |
|
Update von: |
Mangelnde Prüfung von Zertifikaten in Gajim |
|
Originalnachricht |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
- ------------------------------------------------------------------------- Debian Security Advisory DSA-3492-2 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso February 28, 2016 https://www.debian.org/security/faq - -------------------------------------------------------------------------
Package : gajim Debian Bug : 816158
The wheezy part of the previous gajim update, DSA-3492-1, was incorrectly built resulting in an unsatisfiable dependency. This update corrects that problem. For reference, the original advisory text follows.
Daniel Gultsch discovered a vulnerability in Gajim, an XMPP/jabber client. Gajim didn't verify the origin of roster update, allowing an attacker to spoof them and potentially allowing her to intercept messages.
For the oldstable distribution (wheezy), this problem has been fixed in version 0.15.1-4.1+deb7u2.
We recommend that you upgrade your gajim packages.
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIcBAEBCgAGBQJW0tQFAAoJEAVMuPMTQ89EGVUP/2cWsnn9rzv7aodGQ9S+5gml gN+2NpsfsWIo8D0m8As9cZUqJG72NbWOyjc/IbORiyCzVcTt9NsVVNZd1Pbf7ThU C6hK1WQIDZUOETerlLD3Ai6upLm9cOqjtAQwiKFdwDH40U9BSst3wMk1vxvcjRxa 6i6CHCdsRKw7XJ+K9WolptblqAEz1FtTltWyxoCuDKDYoJfWmA90aJYWOYbHnprb eCFCu6/EPmnz3k2L257uf1bBQojuOQupLgpQFaGJ7QaAgDTw15As4l8fSZPt4wMu nwj8cU5m/JluQUigw+6bk6GrfFhRm6iNXx2chC50D+gYi4hHxejj/rFLcqKPpi6S 7O1nXrRzLa1X8YTPME6Gw1cpsKmy1nhK2OJbDhBvNbjxIK5XBRDsxiz0vmJg7PsR 9513DR0VVb2D1Jfr1lnsZFH8K6S8bMcP0NZWtnt95WDlesjANBXOBQU8M4Whl3RJ 8S2RGcJSikyejA+C5eAG9c0ESGkb0lnSn7vMLTbi+AKo6cG1WT0aVYDBRNj4oiZO jeAcIB7+aey9rvNvLFsNJE+Lh2kDXZQ3Zsl1BAtcuzbNimEXcfuufqatR5OO3h3D pO/mH7yw4/uCZt37I2ESyAgRczv2PW+Hj5aI4uOKtjoaDTb2BkbzZgWHqnVw53dl CKP4SaFLyz06KznV+Vcr =i0Lp -----END PGP SIGNATURE-----
|
|
|
|