CAN-2005-0208 HTML parsing bug can cause remote crash of gaim < 1.1.4. Asking ARCHes to mark net-im/gaim-1.1.4 stable.
was fixed in 1.1.3: Remote DoS on receiving malformed HTML (CAN-2005-0473) Remote crash. Receiving malformed HTML can result in an invalid memory access causing Gaim to crash. AIM/ICQ remote denial of service (CAN-2005-0472) Certain malformed SNAC packets sent by other AIM or ICQ users can trigger an infinite loop in Gaim when parsing the SNAC. The remote user would need a custom client, able to generate malformed SNAC
sparc-a-go-go.
1.1.3 fixed CAN-2005-0473, but opened yet another, almost identical security issue, CAN-2005-0208. So 1.1.4 does contain security fixes (see http://gaim.sourceforge.net/security/index.php ).
Yes. So 1.1.4 contains all three fixes, as 1.1.3 had not yet made stable on all ARCHes. I've marked stable on x86, as that is my playground.
Removing cc on x86 team.
was fixed in 1.1.4: Client crashes when receiving specific malformed HTML (CAN-2005-0208) Remote crash. Receiving malformed HTML can result in an invalid memory access causing Gaim to crash.
stable on amd64
stable on ppc64
stable on mipshttp://bugs.gentoo.org/show_bug.cgi?id=83253
Stable on alpha.
removing ia64 been marked stable without notice no entry in Changelog but cvs log gives: revision 1.4 date: 2005/02/25 16:19:09; author: agriffis; state: Exp; lines: +2 -2 stable on ia64 #83253 (Portage version: 2.0.51-r15)
Marked stable on ppc by blubb.
Vapier gave the OK to mark stable on HPPA and ARM. I have done this. That is the last of the arches.
GLSA 200503-02