FFe: Sync gajim 0.15-1 (universe) from Debian testing (main)
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
| gajim (Ubuntu) |
Wishlist
|
Unassigned |
Bug Description
Please sync gajim 0.15-1 (universe) from Debian testing (main)
Explanation of the Ubuntu delta and why it can be dropped:
* Merge from debian unstable(LP: #630876). Remaining changes:
- Kept Ubuntu patches
+ config-
+ ubuntu-
* Drop the debian/watch change as debian version of the watch file just
works fine I think.
The delta between Ubuntu and Debian can be dropped because both
the config-
upstream. (It should be noted that the patches were not actually
applied in the 0.14.1-1ubuntu1 merge, despite the changelog message
to the contrary.)
Explanation of FeatureFreeze exception:
Upgrading gajim to 0.15-1 will address two CVEs, CVE-2012-2086 and
CVE-2012-2085, the latter of which is a remote code execution issue (a
user can be tricked into clicking a URL that executes code on their
local machine).
This version does not include the fix for CVE-2012-2093 (latex tmp
races), but that fix introduced a critical regression that causes gajim
not to start (debian bug 669105); note that /tmp races are mitigated in
Ubuntu due to YAMA restrictions being enabled.
I've verified that the package builds in a precise/amd64 schroot and
will attach the build log. I installed the built package and was able to
connect and chat through google talk's jabber server.
Relevant entries from the upstream Changelog file:
Gajim 0.15 (18 March 2012)
* Plugin system
* Whiteboard (via a plugin)
* Message archiving
* Stream managment
* IBB
* Nested roster group
* Roster filtrering
* UPower support
* GPG support for windows
* Spell checking support for windows
Gajim 0.14.4 (22 July 2011)
* Fix translation issue
* other minor fixes
Gajim 0.14.3 (19 June 2011)
* Fix history viewer
* Fix closing roster window
* Prevent some erros with metacontacts
Gajim 0.14.2 (07 June 2011)
* Fix CPU usage when testing file transfer proxies
* Fix invalid XML char regex
* Fix subscription request window handling
* Fix URL display in chat message banner
* Other minor bugfixes
Changelog entries since current precise version 0.14.1-1ubuntu1:
gajim (0.15-1) unstable; urgency=low
* New upstream release.
* remove 00_debian-
* remove 01_configure-
* remove python-
-- Yann Leboulanger <email address hidden> Sat, 18 Mar 2012 10:32:38 +0100
gajim (0.14.4-1) unstable; urgency=low
* New upstream release. Closes: #637071
* Fixes weird error. Closes: #632226
* Stop suggesting unused python-sexy. Closes: #633301
* Modify 00_debian-
dh_changelogs will do it.
-- Yann Leboulanger <email address hidden> Fri, 22 Jul 2011 12:56:30 +0200
gajim (0.14.3-1) unstable; urgency=low
* New upstream release.
* Fix closing roster window. Closes: #630315
-- Yann Leboulanger <email address hidden> Sun, 19 Jun 2011 21:46:09 +0200
gajim (0.14.2-1) unstable; urgency=low
* New upstream release.
* Fix CPU usage when testing file transfer proxies. Closes: #626576
-- Yann Leboulanger <email address hidden> Tue, 07 Jun 2011 19:30:43 +0200
Steve Beattie (sbeattie) wrote : | #2 |
Installation log:
$ sudo apt-get install gajim
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following packages were automatically installed and are no longer required:
libfile-
libkrb5-dev libaprutil1-ldap libapr1-dev libgssrpc4 libpcrecpp0 apache2.2-common libept1 libtirpc1 libaprutil1-
libvpx0 apache2.2-bin libhogweed2 spawn-fcgi libzip1 libnfsidmap2 uuid-dev libkadm5clnt-mit8 libpq-dev libkadm5srv-mit8
libnl3 libattica0 libsqlite3-dev libpq5 libpcre3-dev libkdb5-6 krb5-multidev libgssglue1 libllvm2.9 libldap2-dev
Use 'apt-get autoremove' to remove them.
The following extra packages will be installed:
python-pyasn1
Suggested packages:
python-gconf python-gnome2 nautilus-sendto avahi-daemon python-avahi network-manager libgtkspell0 python-gnomekeyring
gnome-keyring python-kerberos python-farsight gstreamer0.
The following NEW packages will be installed:
gajim python-pyasn1
0 upgraded, 2 newly installed, 0 to remove and 43 not upgraded.
Need to get 4,599 kB of archives.
After this operation, 13.6 MB of additional disk space will be used.
Do you want to continue [Y/n]? y
Get:1 http://
Get:2 http://
Fetched 4,599 kB in 2s (2,021 kB/s)
Selecting previously unselected package gajim.
(Reading database ... 316077 files and directories currently installed.)
Unpacking gajim (from .../archives/
Selecting previously unselected package python-pyasn1.
Unpacking python-pyasn1 (from .../python-
Processing triggers for hicolor-icon-theme ...
Processing triggers for man-db ...
Processing triggers for doc-base ...
Processing 1 added doc-base file...
Setting up gajim (0.15-1) ...
Setting up python-pyasn1 (0.0.11a-1ubuntu1) ...
$
Steve Beattie (sbeattie) wrote : | #3 |
For reference, the two security issues fixed in the upstream 0.15 release have upstream bug reports; they are:
https:/
https:/
As promised, the build log from building the testing version of gajim on precise/amd64.