- --------------------------------------------------------------------------Debian Security Advisory DSA 813-1                     security@debian.org
http://www.debian.org/security/                             Martin Schulze
September 15th, 2005                    http://www.debian.org/security/faq
- --------------------------------------------------------------------------Package        : centericq
Vulnerability  : several
Problem type   : remote
Debian-specific: no
CVE IDs        : CAN-2005-2369 CAN-2005-2370 CAN-2005-2448
BugTraq ID     : 14415

Several problems have been discovered in libgadu which is also part of
centericq, a text-mode multi-protocol instant messenger client.  The
Common Vulnerabilities and Exposures project identifies the following
problems:

CAN-2005-2369

    Multiple integer signedness errors may allow remote attackers to
    cause a denial of service or execute arbitrary code.

CAN-2005-2370

    Memory alignment errors may allows remote attackers to cause a
    denial of service on certain architectures such as sparc.

CAN-2005-2448

    Several endianess errors may allow remote attackers to cause a
    denial of service.

The old stable distribution (woody) is not affected by these problems.

For the stable distribution (sarge) these problems have been fixed in
version 4.20.0-1sarge2.

For the unstable distribution (sid) these problems have been fixed in
version 4.20.0-9.

We recommend that you upgrade your centericq package.


Upgrade Instructions
- --------------------wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.1 alias sarge
- --------------------------------  Source archives:

          Size/MD5 checksum:      875 3e3856c76ecca4033d594f40b84594fe
          Size/MD5 checksum:   105757 2847f29ebc190209bc9801cda4021465
          Size/MD5 checksum:  1796894 874165f4fbd40e3be677bdd1696cee9d

  Alpha architecture:

          Size/MD5 checksum:  1650414 6428d1b002427f84264e264f039942b6
          Size/MD5 checksum:   335816 83d71d7e3ddc678f92208714c69421c1
          Size/MD5 checksum:  1651512 e552870deeb140d3c152a314ecbf34cd
          Size/MD5 checksum:  1650438 55cd6872aae5e63348f7b816ea72d54b

  AMD64 architecture:

          Size/MD5 checksum:  1355220 3e2133ded560c48685d2b99ba5bf0dce
          Size/MD5 checksum:   335722 4b1695d70272933dc7e239043cd97dca
          Size/MD5 checksum:  1355440 2cfb3c7c9386a5975ec3d433ca45e5c4
          Size/MD5 checksum:  1355268 a0cb191dfa09ef9b517bfa5e91779dad

  ARM architecture:

          Size/MD5 checksum:  2185136 2d1317f0919c28662971967458546742
          Size/MD5 checksum:   335868 726094239479d03fd2eb63f4f307e46b
          Size/MD5 checksum:  2185970 bb6521dedcca573e28a2c34fd9c1ab74
          Size/MD5 checksum:  2185188 84cd56c79406e409bb0513a0997870f8

  Intel IA-32 architecture:

          Size/MD5 checksum:  1348652 c59e862bca93d94d4edee43911bbdeb7
          Size/MD5 checksum:   335708 2c3d7782f385f0b81a3ce3dd4b089977
          Size/MD5 checksum:  1349472 fb8e54aa013dacc37499fd68ae032116
          Size/MD5 checksum:  1348570 f353cb12552cfc0db7ed0d3129edc1d7

  Intel IA-64 architecture:

          Size/MD5 checksum:  1881308 0eaa392858b373326fe3f5fbcbd267da
          Size/MD5 checksum:   335814 5ce50347f96935af6f00e6e6ec89352c
          Size/MD5 checksum:  1882180 359605a9a9bc322896110b2652da8859
          Size/MD5 checksum:  1881288 3b41f39c82d45d048c56fd71b052b34a

  HP Precision architecture:

          Size/MD5 checksum:  1812364 d776d20c88b1d045eab6c2cbc7e4856f
          Size/MD5 checksum:   336524 15a3df7f872450f63c650e08a5804d28
          Size/MD5 checksum:  1813476 6804d5b88c0e662daccc7d8a462bc843
          Size/MD5 checksum:  1812430 72dbb22383ac61176bfdbc563026f728

  Motorola 680x0 architecture:

          Size/MD5 checksum:  1399316 4f0a41a9a10d9764806b753669a19721
          Size/MD5 checksum:   336586 c5fda5db59d172c072943ba56fa7ab4e
          Size/MD5 checksum:  1399996 fa827fa4c93f695d6ad976975aa15201
          Size/MD5 checksum:  1399362 fbe685ca5920fda77744d1ed896e8848

  Big endian MIPS architecture:

          Size/MD5 checksum:  1493038 111b76f2e63dc4fc6cc51f5cdabc3d3b
          Size/MD5 checksum:   336552 61b4098b1245044a145571caad3384fd
          Size/MD5 checksum:  1493630 c478a464bebad10f9883abeb2097be09
          Size/MD5 checksum:  1493080 182a6d6b77e18cdda5c29154149e0191

  Little endian MIPS architecture:

          Size/MD5 checksum:  1483212 e4d498542aec27d2ded408c756e05844
          Size/MD5 checksum:   335834 32e81dfb6114a2f1175d4b0e747efb1c
          Size/MD5 checksum:  1483786 bbf2190ab5d4d0cecb332c6d6e87d897
          Size/MD5 checksum:  1483264 d991ec5892ad4a1f4452f6ac265c9524

  PowerPC architecture:

          Size/MD5 checksum:  1386046 27c0795c598216692bb9e3ddabbe38ab
          Size/MD5 checksum:   336542 65b7360541cf810d6e0e66e4e985eed8
          Size/MD5 checksum:  1386558 15377035743dde60440d7847a8050a5d
          Size/MD5 checksum:  1386122 7f1e7a8ffcb42aef23b6d29043295b91

  IBM S/390 architecture:

          Size/MD5 checksum:  1193924 bcbb0a591e411c0fcd4bd02cef5eedbb
          Size/MD5 checksum:   336546 3710534682406a034733acad3b3c2ed5
          Size/MD5 checksum:  1194212 8f5729cbc295bb04986b96af8e9de1bf
          Size/MD5 checksum:  1193970 943e805ff5904ede894a864d6ac4d34b

  Sun Sparc architecture:

          Size/MD5 checksum:  1325896 8e8e65fe000e12e309700513c1e2b8ba
          Size/MD5 checksum:   336550 46d2e5ced85fa02754d4c3868d39c129
          Size/MD5 checksum:  1326696 81974721d8a2b7041a375bf36c44464e
          Size/MD5 checksum:  1325860 f025aef1774bdf29ba0120070e8ff4f1


  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp:  dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org

Debian: New centericq packages fix several vulnerabilities

September 15, 2005
Updated package.

Summary

Severity

Related News

30.Lock Globe Motherboard Esm H320
1 - 2 min read
The SPDX 3.0 release marks a significant milestone in software management, particularly for Linux admins, infosec professionals, internet security
11.Locks IsometricPattern Esm H320
2 - 3 min read
Open Source maintainers and developers have been warned about the continued wave of attacks aimed at project maintainers similar to those recently
28.Lock Globe Esm H320
1 - 2 min read
A resurgence of cyberattacks targeting Linux systems in Asian campaigns through the utilization of the Pupy Remote Access Trojan (RAT) has been
27.Tablet Connections Blocks Lock Esm H320
2 - 4 min read
Canonical has recently announced the Beta release of Ubuntu Linux 24.04 LTS , codenamed "Noble Numbat." This release aims to continue Ubuntu's
21.Globe RadiatingCode Esm H320
2 - 3 min read
The open-source movement has come a long way, from its origins in the 1960s and 1970s to becoming an integral part of organizations worldwide.
13.Lock StylizedMotherboard Esm H320
2 - 3 min read
The Rust-based Edera project demonstrates a unique approach to container security that addresses cloud-native computing challenges. Let's examine
8.Locks HexConnections CodeGlobe Esm H320
2 - 3 min read
Canonical has launched Ubuntu Pro for Devices , a comprehensive offering emphasizing security and compliance for IoT device deployments. This
2.Motherboard Esm H320
2 - 3 min read
The recently uncovered "Native Branch History Injection (BHI)" exploit against the Linux kernel marks a significant milestone in the ongoing battle

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved