CVE-2012-2086 in Ubuntu

CVE-2012-2086

Priority

Low

Description

SQL injection vulnerability in the get_last_conversation_lines function in
common/logger.py in Gajim before 0.15 allows remote attackers to execute
arbitrary SQL commands via the jig parameter.

References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2086

Bugs

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=668038
https://trac.gajim.org/ticket/7034
https://bugs.launchpad.net/ubuntu/+source/gajim/+bug/984616

Package

Source: gajim (LP Ubuntu Debian)

Upstream:	released (0.15-1)
Ubuntu 8.04 LTS (Hardy Heron):	ignored (reached end-of-life)
Ubuntu 10.04 LTS (Lucid Lynx):	released (0.13-0ubuntu2.1)
Ubuntu 11.10 (Oneiric Ocelot):	released (0.14.1-1ubuntu1.1)
Ubuntu 12.04 LTS (Precise Pangolin):	released (0.15-1)
Ubuntu 12.10 (Quantal Quetzal):	released (0.15-1)

More Information

Mitre
NVD
Launchpad
Debian

Updated: 2012-11-29 02:14:39 UTC (commit 6103)