Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Sun, 8 Apr 2012 20:49:10 +1000
From: David Black <>
To: oss-security <>
Subject: CVE request: gajim - code execution and sql injection

Hi. a few months ago the following bugs were reported in gajim and do
not yet have CVE-ID allocation:
1., 'Assisted' code
execution (if the user clicks a link)
2., SQL injection via jids

Note: these two issues are fixed in the latest gajim release[0][1].

[0] - "Gajim 0.15 is here! (18 March 2012)"

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ