Please merge xchat-2.8.6-2.1(universe) from debian unstable

Bug #326823 reported by Bhavani Shankar on 2009-02-08
2
Affects Status Importance Assigned to Milestone
xchat (Ubuntu)
Wishlist
Unassigned

Bug Description

Binary package hint: xchat

Debian has a new version to be merged.

xchat (2.8.6-2.1) unstable; urgency=high

  * Non-maintainer upload by the Security Team.
  * Fix insecure search path vulnerability in the python module by
    sanitizing sys.path (46_CVE-2009-0315.dpatch; Closes: #513509)

 -- Nico Golde <email address hidden> Thu, 05 Feb 2009 19:20:23 +0100

Related branches

CVE References

Bhavani Shankar (bhavi) wrote :
Changed in xchat:
status: New → Confirmed
Luca Falavigna (dktrkranz) wrote :

Some adjustments:
* Debian version build-depends on gettext (>= 0.10.37), we should not revert it.
* xchat-systray is no longer in Jaunty, its Conflicts line is useless.

Other than that, it looks good. I mangled it a bit and sponsored in Jaunty, thanks!

Changed in xchat:
importance: Undecided → Wishlist
status: Confirmed → Fix Committed
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package xchat - 2.8.6-2.1ubuntu1

---------------
xchat (2.8.6-2.1ubuntu1) jaunty; urgency=low

  * Merge from debian unstable, remaining changes: LP: #326823
    + xchat.desktop: comply with freedesktop spec removing deprecated items:
      - extension on icon
      - Encoding
      - Application in categories
    + debian/control:
      - Build-depend on libgtk2.0-dev (>= 2.10.0).
      - Build-depend on liblaunchpad-integration-dev.
      - Recommend esound-clients | alsa-utils | libarts1c2
    + debian/patches/01_serverlist.dpatch:
      - Adjust it to use irc.ubuntu.com.
    + debian/patches/37_lpi.dpatch:
      - Add Launchpad integration.
    + debian/patches/38_autoconf.dpatch:
      - Add Launchpad integration autoconf changes.
    + debian/patches/45_ctcp_version_less_information.dpatch:
      - Make ctcp version show less information.
    + debian/patches/50_xc286_smallfixes.dpatch: a couple of minor fixes
      cherry picked from CVS (remove unused variable, use if/else for on/off
      printing, static/const a variable, return on empty list, resize some
      char[]'s)
    + debian/rules:
      - Make build independent of the python version.
      - Sets XCHATSHAREDIR correctly.
    + Switch to GType to fix the build with the latest gtk versions.
      - debian/patches/60_gtktype_removal.dpatch
      - said to be fixed in CVS already.

xchat (2.8.6-2.1) unstable; urgency=high

  * Non-maintainer upload by the Security Team.
  * Fix insecure search path vulnerability in the python module by
    sanitizing sys.path (46_CVE-2009-0315.dpatch; Closes: #513509)

 -- Bhavani Shankar <email address hidden> Sun, 08 Feb 2009 16:19:28 +0530

Changed in xchat:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers