Fedora Core 3: FEDORA-2005-172 Critical Gaim DoS Threat Overview

Gaim allows you to talk to anyone using a variety of messaging

protocols, including AIM (Oscar and TOC), ICQ, IRC, Yahoo!,

MSN Messenger, Jabber, Gadu-Gadu, Napster, and Zephyr. These

protocols are implemented using a modular, easy to use design.

To use a protocol, just add an account using the account editor.

Gaim supports many common features of other clients, as well as many

unique features, such as perl scripting and C plugins.

Gaim is NOT affiliated with or endorsed by America Online, Inc.,

Microsoft Corporation, or Yahoo! Inc. or other messaging service

providers.

This update resolves another DoS issue in parsing malformed HTML,

and a MSN related crash that folks were hitting often.

- FC3

* Thu Feb 24 2005 Warren Togami 1:1.1.4-1

- 1.1.4 with MSN crash fix, g_stat() crash workaround

CAN-2005-0208 Gaim HTML parsing DoS (another one)

* Tue Feb 22 2005 Warren Togami 1:1.1.3-4

- Test fixes for #149190 and #149304

69048a51ec8001285f5be7ec48635ca1 SRPMS/gaim-1.1.4-0.FC3.src.rpm

865a0dd9e293e68fa16cee836e59fcb9 x86_64/gaim-1.1.4-0.FC3.x86_64.rpm

92ad90314af9b036dca2cf18365daf60

x86_64/debug/gaim-debuginfo-1.1.4-0.FC3.x86_64.rpm

255f546347b43c21d9d5d8f5d81b7c16 i386/gaim-1.1.4-0.FC3.i386.rpm

11256b0dd8026e9d9f639d039d271331

i386/debug/gaim-debuginfo-1.1.4-0.FC3.i386.rpm

This update can also be installed with the Update Agent; you can

launch the Update Agent with the 'up2date' command.

fedora-announce-list@redhat.com