Linux Security
Linux Security
Linux Security

Debian: gaim fix denial of service DSA-716-1

Date 27 Apr 2005
Posted By Joe Shakespeare
Updated package.
- --------------------------------------------------------------------------
Debian Security Advisory DSA 716-1                     This email address is being protected from spambots. You need JavaScript enabled to view it.                             Martin Schulze
April 27th, 2005              
- --------------------------------------------------------------------------

Package        : gaim
Vulnerability  : denial of service
Problem-Type   : remote
Debian-specific: no
CVE ID         : CAN-2005-0472

It has been discovered that certain malformed SNAC packets sent by
other AIM or ICQ users can trigger an infinite loop in Gaim, a
multi-protocol instant messaging client, and hence lead to a denial of
service of the client.

Two more denial of service conditions have been discovered in newer
versions of Gaim which are fixed in the package in sid but are not
present in the package in woody.

For the stable distribution (woody) this problem has been fixed in
version 0.58-2.5.

For the unstable distribution (sid) these problems have been fixed in
version 1.1.3-1.

We recommend that you upgrade your gaim packages.

Upgrade Instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 3.0 alias woody
- --------------------------------

  Source archives:
      Size/MD5 checksum:      681 e985a045131d5ad43c2192533d581d49
      Size/MD5 checksum:    23078 688d4d51bd00e863c4c911f539708f0d
      Size/MD5 checksum:  1928057 644df289daeca5f9dd3983d65c8b2407

  Alpha architecture:
      Size/MD5 checksum:   480588 297fed5e44fab4f49c3c103159ee3dc4
      Size/MD5 checksum:   674918 1a59dbf94b98f25c18eaeee28aab5910
      Size/MD5 checksum:   501450 bbe7cdac070bed0937596df34052c555

  ARM architecture:
      Size/MD5 checksum:   401938 1f9588d2015c20477f35f59de2e67190
      Size/MD5 checksum:   615258 6a1d88825004fb405881674236b5f34b
      Size/MD5 checksum:   422646 eab79e46b080475268510509635388b2

  Intel IA-32 architecture:
      Size/MD5 checksum:   389530 e4b3815727835a3ab112fb109a328021
      Size/MD5 checksum:   605678 619283e7b98add8bf725beb71a3de75b
      Size/MD5 checksum:   409274 c81aa5abd01455d0b082c6503e5abb32

  Intel IA-64 architecture:
      Size/MD5 checksum:   557214 f57cd6a3c35d2d7042690e5584d3c49c
      Size/MD5 checksum:   765410 33b7051caea6919c87519bc9c570ef69
      Size/MD5 checksum:   570064 2a9d5dbdd9b1bc7470d3a7a12cf3b453

  HP Precision architecture:
      Size/MD5 checksum:   459698 74a1621f52f73e436aeffc82e1c528a5
      Size/MD5 checksum:   691344 06a88c54e725114cb0818b50dce65fd5
      Size/MD5 checksum:   481568 5aaf2370d855711ae2d2916c13831f0b

  Motorola 680x0 architecture:
      Size/MD5 checksum:   370690 627841728dabb3c6e83e60c8001a0ac4
      Size/MD5 checksum:   622818 e4205658f157914fc5cea27c7248a71d
      Size/MD5 checksum:   392316 8ee4f81a43e8b9ae123adadba2eed04c

  Big endian MIPS architecture:
      Size/MD5 checksum:   406618 354027157ccc8439f28f3d05198cce12
      Size/MD5 checksum:   615058 36c64cdcac52153d504eb7e246560510
      Size/MD5 checksum:   427314 7f59f09c347ed39a12fad8408c40fab3

  Little endian MIPS architecture:
      Size/MD5 checksum:   397210 f690bab2d77b7f5bc5c207ab8799a7ae
      Size/MD5 checksum:   607548 a62777c3ba8590660821edb1f46947ee
      Size/MD5 checksum:   416922 31b725e25888062257b1d9a212450a0e

  PowerPC architecture:
      Size/MD5 checksum:   413722 b499efefdd53e1e1f99c82fe4345d740
      Size/MD5 checksum:   643070 e6a50e343c77e80e72c26570e4086452
      Size/MD5 checksum:   434530 be29354736f00ed85d5aa36d0bb86330

  IBM S/390 architecture:
      Size/MD5 checksum:   399718 1328ff0fecf64d0a8db50bcbf6a4307d
      Size/MD5 checksum:   644284 c668b1de2ad8c707c5f8ad2de456bf9c
      Size/MD5 checksum:   422222 14e4654f7df7c22fb6e8240908c7836c

  Sun Sparc architecture:
      Size/MD5 checksum:   409866 7d8a00f61567dea550246ba36ee8f350
      Size/MD5 checksum:   654072 aca9f7da61fa3f05e5394844fd1cc0ba
      Size/MD5 checksum:   428798 d4eb82d10dfcaee16df40d3c4547e809

  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb stable/updates main
For dpkg-ftp: dists/stable/updates/main
Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.

LinuxSecurity Poll

How frequently do you patch/update your system?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum 0 answer(s) and maximum 3 answer(s).
[{"id":"179","title":"As soon as patches\/updates are released - I track advisories for my distro(s) diligently","votes":"47","type":"x","order":"1","pct":79.66,"resources":[]},{"id":"180","title":"Every so often, when I think of it","votes":"7","type":"x","order":"2","pct":11.86,"resources":[]},{"id":"181","title":"Hardly ever","votes":"5","type":"x","order":"3","pct":8.47,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350

Please vote first in order to view vote results.



bottom 200

Please enable / Bitte aktiviere JavaScript!
Veuillez activer / Por favor activa el Javascript![ ? ]

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.