Public bug reported: Please sync gajim 0.15-1 (universe) from Debian testing (main)
Explanation of the Ubuntu delta and why it can be dropped: * Merge from debian unstable(LP: #630876). Remaining changes: - Kept Ubuntu patches + config-write-sync.patch + ubuntu-keyring.patch * Drop the debian/watch change as debian version of the watch file just works fine I think. The delta between Ubuntu and Debian can be dropped because both the config-write-sync.patch and ubuntu-keyring.patch were applied upstream. (It should be noted that the patches were not actually applied in the 0.14.1-1ubuntu1 merge, despite the changelog message to the contrary.) Explanation of FeatureFreeze exception: Upgrading gajim to 0.15-1 will address two CVEs, CVE-2012-2086 and CVE-2012-2085, the latter of which is a remote code execution issue (a user can be tricked into clicking a URL that executes code on their local machine). This version does not include the fix for CVE-2012-2093 (latex tmp races), but that fix introduced a critical regression that causes gajim not to start (debian bug 669105); note that /tmp races are mitigated in Ubuntu due to YAMA restrictions being enabled. I've verified that the package builds in a precise/amd64 schroot and will attach the build log. I installed the built package and was able to connect and chat through google talk's jabber server. Relevant entries from the upstream Changelog file: Gajim 0.15 (18 March 2012) * Plugin system * Whiteboard (via a plugin) * Message archiving * Stream managment * IBB * Nested roster group * Roster filtrering * UPower support * GPG support for windows * Spell checking support for windows Gajim 0.14.4 (22 July 2011) * Fix translation issue * other minor fixes Gajim 0.14.3 (19 June 2011) * Fix history viewer * Fix closing roster window * Prevent some erros with metacontacts Gajim 0.14.2 (07 June 2011) * Fix CPU usage when testing file transfer proxies * Fix invalid XML char regex * Fix subscription request window handling * Fix URL display in chat message banner * Other minor bugfixes Changelog entries since current precise version 0.14.1-1ubuntu1: gajim (0.15-1) unstable; urgency=low * New upstream release. * remove 00_debian-copying.diff because upstream doesn't install it anymore * remove 01_configure-ac.diff because upstream changed configure dependencies * remove python-gnupginterface from recommands list, it's no more used -- Yann Leboulanger <aste...@lagaule.org> Sat, 18 Mar 2012 10:32:38 +0100 gajim (0.14.4-1) unstable; urgency=low * New upstream release. Closes: #637071 * Fixes weird error. Closes: #632226 * Stop suggesting unused python-sexy. Closes: #633301 * Modify 00_debian-copying.diff to also not install ChangeLog file. dh_changelogs will do it. -- Yann Leboulanger <aste...@lagaule.org> Fri, 22 Jul 2011 12:56:30 +0200 gajim (0.14.3-1) unstable; urgency=low * New upstream release. * Fix closing roster window. Closes: #630315 -- Yann Leboulanger <aste...@lagaule.org> Sun, 19 Jun 2011 21:46:09 +0200 gajim (0.14.2-1) unstable; urgency=low * New upstream release. * Fix CPU usage when testing file transfer proxies. Closes: #626576 -- Yann Leboulanger <aste...@lagaule.org> Tue, 07 Jun 2011 19:30:43 +0200 ** Affects: gajim (Ubuntu) Importance: Wishlist Status: New ** Changed in: gajim (Ubuntu) Importance: Undecided => Wishlist -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/984616 Title: FFe: Sync gajim 0.15-1 (universe) from Debian testing (main) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gajim/+bug/984616/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs