DSA-3492-2 gajim -- gajimID: oval:org.secpod.oval:def:602391 | Date: (C)2016-03-11 (M)2021-09-13 |
Class: PATCH | Family: unix |
The wheezy part of the previous gajim update, DSA-3492-1, was incorrectly built resulting in an unsatisfiable dependency. This update corrects that problem. For reference, the original advisory text follows. Daniel Gultsch discovered a vulnerability in Gajim, an XMPP/jabber client. Gajim didn"t verify the origin of roster update, allowing an attacker to spoof them and potentially allowing her to intercept messages.