Updated gajim packages are available for Debian 6 LTS
Package : gajim
Version : 0.13.4-3+squeeze4
CVE ID : CVE-2015-8688
Debian Bug : 809900
Affected versions of gajim allow remote attackers to modify the roster
and intercept messages via a crafted roster-push IQ stanza.
This has been fixed in squeeze-lts by version 0.13.4-3+squeeze4.