What Are You Looking For?

Sign Up
- ------------------------------------------------------------------------Debian Security Advisory DSA-1610-1                  security@debian.org
http://www.debian.org/security/                               Steve Kemp
July 15, 2008                         http://www.debian.org/security/faq
- ------------------------------------------------------------------------Package        : gaim
Vulnerability  : integer overflow
Problem type   : remote
Debian-specific: no
CVE Id(s)      : CVE-2008-2927

It was discovered that gaim, an multi-protocol instant messaging client,
was vulnerable to several integer overflows in its MSN protocol handlers.
These could allow a remote attacker to execute arbitrary code.

For the stable distribution (etch), this problem has been fixed in version
1:2.0.0+beta5-10etch1.

For the unstable distribution (sid), this package is not present.

We recommend that you upgrade your gaim package.


Upgrade instructions
- --------------------wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 4.0 alias etch
- -------------------------------Source archives:

      Size/MD5 checksum:     1143 7c07047f910aa37b5d3237d2b9c2f746
      Size/MD5 checksum:  9031658 b95158280b54f7c6e61c975ac6a1b2c5
      Size/MD5 checksum:    40297 4481186566917128436fec7894a0849e

Architecture independent packages:

      Size/MD5 checksum:  5155634 a771c9d07df618edbea2009b81a780eb

alpha architecture (DEC Alpha)

      Size/MD5 checksum:  3941786 5ae6eb63afa93956d351b436c4dedce1
      Size/MD5 checksum:   151048 d2963922763948e431374e6035fce786
      Size/MD5 checksum:  1946668 a581acaee78397951203bb9ba75b92a5

amd64 architecture (AMD x86_64 (AMD64))

      Size/MD5 checksum:   151308 e02d048bb0b276819259b9eafb2da5c1
      Size/MD5 checksum:  3981722 f8dea9c85a995285842b9658b7f22e40
      Size/MD5 checksum:  1783578 68aa76888cdef8f740f45f50661234b1

arm architecture (ARM)

      Size/MD5 checksum:  3755878 f5fab49dc1d45ea2a6b5c57a52402cf9
      Size/MD5 checksum:   151974 65cb42b3add06b9e623d14199c4f1955
      Size/MD5 checksum:  1562534 cbde10538a351b4f7730a76c3d0d24d7

hppa architecture (HP PA RISC)

      Size/MD5 checksum:  3885888 c6ecba97d3da131f507be4bb829f30d0
      Size/MD5 checksum:   151626 bd76b163486f8a778bea8a3cae124d66
      Size/MD5 checksum:  1982362 4c523a86d49a58204ef226d8b003adea

i386 architecture (Intel ia32)

      Size/MD5 checksum:  1680010 33ada7f2c9454fe220feac62252ddb6f
      Size/MD5 checksum:  3753710 6a1c030a5bd9ed092d108d54b99e64ca
      Size/MD5 checksum:   151968 4132986afae49a8640f5e4a2c793da30

ia64 architecture (Intel ia64)

      Size/MD5 checksum:  2446022 006e57d747b574fe007531dea875b1e7
      Size/MD5 checksum:   149394 3374fa4ef91014f880840b35d38d31c5
      Size/MD5 checksum:  3734170 690c1bb55de9f185016eff981c4808b9

mips architecture (MIPS (Big Endian))

      Size/MD5 checksum:   150720 311032a9ac626069ccc86f84f57e2590
      Size/MD5 checksum:  4038460 e64238f554102f276d1318ec1306a576
      Size/MD5 checksum:  1477582 b8161f8051c1ef3bfcabae5fda5a8e86

powerpc architecture (PowerPC)

      Size/MD5 checksum:  1736680 1fd924e136faa010fc72bdd5380bae7b
      Size/MD5 checksum:   149416 c39f12e2db475a607635cadef7cf2d0d
      Size/MD5 checksum:  3962580 5f96851de05f64a1004f259163c78a62

s390 architecture (IBM S/390)

      Size/MD5 checksum:  3887734 8a70aab0641f3133d09e92236209d599
      Size/MD5 checksum:   149390 02297def8b72438af93b378283b3f804
      Size/MD5 checksum:  1724846 b2be967dbcbb3fb08d094facfc72feb4

sparc architecture (Sun SPARC/UltraSPARC)

      Size/MD5 checksum:  3619054 e7496134eb752f245b5d7cb0be0cf104
      Size/MD5 checksum:  1660690 0ef1fe66d2513f3521f76295a4d4fa6b
      Size/MD5 checksum:   149410 810e9119e56cc591275761110cfef793


  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp:  dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org

Debian: New gaim packages fix execution of arbitrary code

July 15, 2008
It was discovered that gaim, an multi-protocol instant messaging client, was vulnerable to several integer overflows in its MSN protocol handlers. These could allow a remote atta...

Summary

Severity

Related News

India Bans Open Source Messaging Apps for Security Reasons. FOSS Community Says Good Luck

May 12, 2023

Thunderbird 102.9.0 is a security update for the open source email client

Mar 17, 2023

News

Advisories

HOWTOs

Features

Password Guessing as an Attack Vector
Using Open Source to Ensure Compliance & Data Integrity through Data Governance
Critical Linux Kernel Bugs Lead to DoS, Privilege Escalation - Patch Now!
Unlocking the Future of Authentication: Passkeys vs. Passwords
Empowering MSPs with Straightforward Linux Device Management

About Us

Powered By

Footer Logo