Please merge xchat-2.8.6-2.1(universe) from debian unstable

Bug #326823 reported by Bhavani Shankar
2
Affects Status Importance Assigned to Milestone
xchat (Ubuntu)
Fix Released
Wishlist
Unassigned

Bug Description

Binary package hint: xchat

Debian has a new version to be merged.

xchat (2.8.6-2.1) unstable; urgency=high

  * Non-maintainer upload by the Security Team.
  * Fix insecure search path vulnerability in the python module by
    sanitizing sys.path (46_CVE-2009-0315.dpatch; Closes: #513509)

 -- Nico Golde <email address hidden> Thu, 05 Feb 2009 19:20:23 +0100

Related branches

CVE References

Revision history for this message
Bhavani Shankar (bhavi) wrote :
Changed in xchat:
status: New → Confirmed
Revision history for this message
Luca Falavigna (dktrkranz) wrote :

Some adjustments:
* Debian version build-depends on gettext (>= 0.10.37), we should not revert it.
* xchat-systray is no longer in Jaunty, its Conflicts line is useless.

Other than that, it looks good. I mangled it a bit and sponsored in Jaunty, thanks!

Changed in xchat:
importance: Undecided → Wishlist
status: Confirmed → Fix Committed
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package xchat - 2.8.6-2.1ubuntu1

---------------
xchat (2.8.6-2.1ubuntu1) jaunty; urgency=low

  * Merge from debian unstable, remaining changes: LP: #326823
    + xchat.desktop: comply with freedesktop spec removing deprecated items:
      - extension on icon
      - Encoding
      - Application in categories
    + debian/control:
      - Build-depend on libgtk2.0-dev (>= 2.10.0).
      - Build-depend on liblaunchpad-integration-dev.
      - Recommend esound-clients | alsa-utils | libarts1c2
    + debian/patches/01_serverlist.dpatch:
      - Adjust it to use irc.ubuntu.com.
    + debian/patches/37_lpi.dpatch:
      - Add Launchpad integration.
    + debian/patches/38_autoconf.dpatch:
      - Add Launchpad integration autoconf changes.
    + debian/patches/45_ctcp_version_less_information.dpatch:
      - Make ctcp version show less information.
    + debian/patches/50_xc286_smallfixes.dpatch: a couple of minor fixes
      cherry picked from CVS (remove unused variable, use if/else for on/off
      printing, static/const a variable, return on empty list, resize some
      char[]'s)
    + debian/rules:
      - Make build independent of the python version.
      - Sets XCHATSHAREDIR correctly.
    + Switch to GType to fix the build with the latest gtk versions.
      - debian/patches/60_gtktype_removal.dpatch
      - said to be fixed in CVS already.

xchat (2.8.6-2.1) unstable; urgency=high

  * Non-maintainer upload by the Security Team.
  * Fix insecure search path vulnerability in the python module by
    sanitizing sys.path (46_CVE-2009-0315.dpatch; Closes: #513509)

 -- Bhavani Shankar <email address hidden> Sun, 08 Feb 2009 16:19:28 +0530

Changed in xchat:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.