Summary: | net-im/gaim: Buffer Overflow and Denial of Service | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Jean-François Brunette (RETIRED) <formula7> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | critical | CC: | net-im, sebastian_ml |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://secunia.com/advisories/16379/ | ||
Whiteboard: | A1 [glsa] formula7 | ||
Package list: | Runtime testing required: | --- |
Description
Jean-François Brunette (RETIRED)
2005-08-10 09:08:43 UTC
Pulling in net-im herd so that they are ready whenever upstream is. gaim-1.5.0 slated for release Thurs evening. *** Bug 102133 has been marked as a duplicate of this bug. *** 1.5.0 is also fixing CAN-2005-2370: Summary:A memory alignment bug in the Gadu-Gadu protocol plugin can result in a buffer overflow Description: There was a memory alignment bug in the library Gaim uses to access the Gadu-Gadu network. This bug can not be exploited on x86 architectures. This bug was recently fixed in the libgadu library, but also needed to be fixed in Gaim because Gaim includes a copy of the libgadu library. Memory alignment bug was fixed in 1.4.0-r2. I currently don't have a viable gentoo desktop, thanks to some CPU/mobo frying. tester@gentoo.org is going to cover this for me. added gaim-1.5.0 and marked it stable for x86 & amd64 Arches please test and mark gaim-1.5.0 stable, thanks Stable on PPC. stable on ppc64 sparc stable. alpha stable stable on mips. It still misses hppa. Stable on ia64. Stable on hppa. GLSA 200508-06 arm please remember to mark stable to benifit from the GLSA. |