Karol Pasternak found two bugs in libgadu, They can provide attacker to execute remote code or crash gg client Reproducible: Always Steps to Reproduce: 1. aplly patch for libgady from: http://cvs.toxygen.net/ekg/lib/libgadu.c.diff?r1=1.147&r2=1.148&f=u http://cvs.toxygen.net/ekg/lib/events.c.diff?r1=1.95&r2=1.96&f=u
Probably doesn't need to be secret, but I don't want to be the one who leaked it. CC'ed sekretarz because he is the maintainer and working on ebuilds.
Bumped to gnugadu-2.2.6-r1. This ebuild forces gnugadu to use external libgadu.
Karol is upstream aware of this and could you test and mark stable on x86?
Opening. x86/sekretarz please test and mark stable.
Marked stable on x86
Thanks for bumping and marking stable, ready for GLSA.
GLSA 200507-26