Summary: | net-im/gaim Security vulnerabilities in current Gaim | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Curtis Magyar <curtm4n> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | dberkholz, gaim-bugs |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://gaim.sourceforge.net/security.php | ||
Whiteboard: | A1 [glsa] jaervosz | ||
Package list: | Runtime testing required: | --- |
Description
Curtis Magyar
2004-08-23 18:29:12 UTC
gaim-bugs please bump to 0.82 0.82 isn't out until Thursday, and like last time they aren't immediately releasing a minor version to fix the vulnerability. I wasn't sure if the patch had been applied or not, and didn't see a notice about it so I filed this. Please close it if the patch is already included. Patches for items listed on gaim webpage are already patched. Two of them were patched in 0.81-r1 and the third is patched in 0.81-r3. There are other known vulnerabilities and I am working closely with gaim and other distro managers on it. All are already patched in CVS and I will working to extract those diffs, but regardless I am going to recommend putting 0.82 into stable ASAP when it comes out. Gaim has sent a nice uberpatch for all known vulnerabilities. Just committed in the form of gaim-0.81-r5. I'd suggest marking stable ASAP. I can do x86. Stable in x86. Other arches can you please mark gaim-0.81-r5 stable ASAP for security purposes. Will also involve marking gaim-encryption-2.29 stable, which is not a problem. Sparc stable. ppc stable stable on amd64 Stable on alpha. hppa is stable Stable on mips This one is ready for GLSA. Security please draft. Stable on IA64. 0.81-r5 now stable on all arches. GLSA 200408-27 |