A vulnerability has been reported in Ekiga, which potentially can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to format string errors when the "gm_main_window_flash_message()" function is invoked. This can be exploited to crash the application or potentially execute arbitrary code.
Solution: Update to version 2.0.5.
Reproducible: Didn't try
http://www.ekiga.org/index.php?rub=10&pos=0
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1006
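An added illustration of the bug class named in the report, not Ekiga's code: a printf-style status helper called with peer-supplied text as the format string, next to the corrected call. The helper and function names are hypothetical stand-ins, and the sample input is constructed.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical printf-style status helper (not Ekiga's code). Declaring it
 * with __attribute__((format(printf, 3, 4))) would let gcc/clang
 * -Wformat-security flag the vulnerable call below at compile time. */
static int flash_message(char *out, size_t outlen, const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    int n = vsnprintf(out, outlen, fmt, ap);
    va_end(ap);
    return n;
}

/* VULNERABLE: peer-supplied text is parsed as the format string. Any
 * conversion in it would read (or, with %n, write) through arguments that
 * were never passed. */
static int flash_remote_vulnerable(char *out, size_t outlen, const char *remote)
{
    return flash_message(out, outlen, remote);
}

/* HARDENED: constant format; the untrusted text is only ever data. */
static int flash_remote_hardened(char *out, size_t outlen, const char *remote)
{
    return flash_message(out, outlen, "%s", remote);
}

int main(void)
{
    /* Constructed input. "%%" is the one directive that consumes no
     * argument, so even the vulnerable path is well defined here. */
    const char *remote = "caller: 100%% packet loss";
    char a[64], b[64];

    flash_remote_vulnerable(a, sizeof a, remote);
    flash_remote_hardened(b, sizeof b, remote);
    printf("vulnerable: %s\nhardened:   %s\n", a, b);
    return 0;
}
```

The vulnerable path rewrites the text because it interprets it; the hardened path shows it byte for byte.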
heh, this baby is already in the tree. arches, please test and stable version 2.0.5, thx
ps: I know some of you are visiting FOSDEM now - enjoy and have fun!
net-im/ekiga-2.0.5 USE="dbus doc gnome sdl -avahi -debug"
1. emerges on x86
2. passes collision test
3. works
(In reply to comment #3)
> net-im/ekiga-2.0.5 USE="dbus doc gnome sdl -avahi -debug"
> 1. emerges on x86
> 2. passes collision test
> 3. works
Sorry, I forgot to mention that this version needs the following two deps stable:
dev-libs/pwlib-1.10.4
net-libs/opal-2.2.5
Both emerge w/o problems on x86 and pass collision test.
dev-libs/pwlib-1.10.4 net-libs/opal-2.2.5 net-im/ekiga-2.0.5 x86 stable, thanks Markus
ppc64 stable
SPARC stable
*** Bug 168771 has been marked as a duplicate of this bug. ***
stable on hppa. Sorry for the delay.
marked stable by beandog on amd64
ppc stable
We can't wait any longer here. Either get it stable, or it will fly out without you.
kloeri wanted to take care of it for alpha tomorrow
http://bugzilla.gnome.org/show_bug.cgi?id=415526 back to ebuild status :(
Finally stabled Alpha + IA64. I'm not removing us from the bug because of comment #14.
Nice. But as said in comment #14, the fix doesn't fix the weakness. VoIP team, please advise
voip team please advise or comment
OK. I so don't want to ship something that might be vulnerable for the 2007.0 release. Anybody got any comments here?
dev-libs/pwlib-1.10.5, net-libs/opal-2.2.6 and net-im/ekiga-2.0.7 are in. They should all go stable at the same time and sparc stable btw.
x86 got the call
alpha/amd64/ia64/ppc done
Stable for HPPA (killerfox)
Thanks everybody
GLSA 200703-25, thanks! I hope this is the good one