Date: Sun, 8 Apr 2012 20:49:10 +1000 From: David Black <disclosure@....org> To: oss-security <oss-security@...ts.openwall.com> Subject: CVE request: gajim - code execution and sql injection Hi. a few months ago the following bugs were reported in gajim and do not yet have CVE-ID allocation: 1. https://trac.gajim.org/ticket/7031, 'Assisted' code execution (if the user clicks a link) 2. https://trac.gajim.org/ticket/7034, SQL injection via jids Note: these two issues are fixed in the latest gajim release.  http://gajim.org/ - "Gajim 0.15 is here! (18 March 2012)"  https://trac.gajim.org/query?status=closed&milestone=0.15
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.