Alerts This Week
Warning Icon 1 1,153
Alerts This Week
Warning Icon 1 1,153

Red Hat: RHSA-2005:627-01 Critical: Gaim Buffer Overflow and DoS

red hat
Calendar Grey August 10, 2005
Dist Redhat Esm H88
The Red Hat gaim advisory reveals serious security vulnerabilities affecting system integrity and user privacy, urging immediate patch application for protection
An updated gaim package that fixes multiple security issues is now available

Solution

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate RPMs being upgraded on your system.

5. Bug IDs fixed (http://bugzilla.redhat.com/):

165392 - CAN-2005-2370 gadu gadu memory alignment issue 165400 - CAN-2005-2102 gaim AIM invalid filename DoS 165402 - CAN-2005-2103 Gaim malformed away message remote code execution


6. RPMs required:

Red Hat Enterprise Linux AS version 3:

SRPMS: dc0bc2cebe945bd90e85ad349909a1b6 gaim-1.3.1-0.el3.3.src.rpm

i386: 33c487f6fe88c3573f63bc4044997cad gaim-1.3.1-0.el3.3.i386.rpm

ia64: ab1a9e0a24a296ced5779462f46c26a5 gaim-1.3.1-0.el3.3.ia64.rpm

ppc: 2d58f880338491f34713a51db6aba3ec gaim-1.3.1-0.el3.3.ppc.rpm

s390: a0e34b7891936843e174ed7a50634536 gaim-1.3.1-0.el3.3.s390.rpm

s390x: c3e794cd5b905baf5b29848e47a7b8b2 gaim-1.3.1-0.el3.3.s390x.rpm

x86_64: 5e8c3bf3eb8679f85774713462db8242 gaim-1.3.1-0.el3.3.x86_64.rpm

Red Hat Desktop version 3:

SRPMS: dc0bc2cebe945bd90e85ad349909a1b6 gaim-1.3.1-0.el3.3.src.rpm

i386: 33c487f6fe88c3573f63bc4044997cad gaim-1.3.1-0.el3.3.i386.rpm

x86_64: 5e8c3bf3eb8679f85774713462db8242 gaim-1.3.1-0.el3.3.x86_64.rpm

Red Hat Enterprise Linux ES version 3:

SRPMS: dc0bc2cebe945bd90e85ad349909a1b6 gaim-1.3.1-0.el3.3.src.rpm

i386: 33c487f6fe88c3573f63bc4044997cad gaim-1.3.1-0.el3.3.i386.rpm

ia64: ab1a9e0a24a296ced5779462f46c26a5 gaim-1.3.1-0.el3.3.ia64.rpm

x86_64: 5e8c3bf3eb8679f85774713462db8242 gaim-1.3.1-0.el3.3.x86_64.rpm

Red Hat Enterprise Linux WS version 3:

SRPMS: dc0bc2cebe945bd90e85ad349909a1b6 gaim-1.3.1-0.el3.3.src.rpm

i386: 33c487f6fe88c3573f63bc4044997cad gaim-1.3.1-0.el3.3.i386.rpm

ia64: ab1a9e0a24a296ced5779462f46c26a5 gaim-1.3.1-0.el3.3.ia64.rpm

x86_64: 5e8c3bf3eb8679f85774713462db8242 gaim-1.3.1-0.el3.3.x86_64.rpm

Red Hat Enterprise Linux AS version 4:

SRPMS: 0dad5d23bfa33dde0464cbe7cbe05e53 gaim-1.3.1-0.el4.3.src.rpm

i386: c7343c6cc89f9e6e3dd30a9b918a9c8e gaim-1.3.1-0.el4.3.i386.rpm

ia64: 717a21a30f477f71d6aac3052a6f2fcb gaim-1.3.1-0.el4.3.ia64.rpm

ppc: c8609fd4b5cc9801ea6cd131833da6c7 gaim-1.3.1-0.el4.3.ppc.rpm

s390: 5a2aa34b2844b9916e2f2cd2c39f6bb3 gaim-1.3.1-0.el4.3.s390.rpm

s390x: 40f2ac0065deb7cfda303d2efabbf9ac gaim-1.3.1-0.el4.3.s390x.rpm

x86_64: 7611deb734363f6dceef660f19c3f4b9 gaim-1.3.1-0.el4.3.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

SRPMS: 0dad5d23bfa33dde0464cbe7cbe05e53 gaim-1.3.1-0.el4.3.src.rpm

i386: c7343c6cc89f9e6e3dd30a9b918a9c8e gaim-1.3.1-0.el4.3.i386.rpm

x86_64: 7611deb734363f6dceef660f19c3f4b9 gaim-1.3.1-0.el4.3.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

SRPMS: 0dad5d23bfa33dde0464cbe7cbe05e53 gaim-1.3.1-0.el4.3.src.rpm

i386: c7343c6cc89f9e6e3dd30a9b918a9c8e gaim-1.3.1-0.el4.3.i386.rpm

ia64: 717a21a30f477f71d6aac3052a6f2fcb gaim-1.3.1-0.el4.3.ia64.rpm

x86_64: 7611deb734363f6dceef660f19c3f4b9 gaim-1.3.1-0.el4.3.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

SRPMS: 0dad5d23bfa33dde0464cbe7cbe05e53 gaim-1.3.1-0.el4.3.src.rpm

i386: c7343c6cc89f9e6e3dd30a9b918a9c8e gaim-1.3.1-0.el4.3.i386.rpm

ia64: 717a21a30f477f71d6aac3052a6f2fcb gaim-1.3.1-0.el4.3.ia64.rpm

x86_64: 7611deb734363f6dceef660f19c3f4b9 gaim-1.3.1-0.el4.3.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key#package

Summary

References

https://www.cve.org/CVERecord?id=CAN-2005-2102 https://www.cve.org/CVERecord?id=CAN-2005-2103 https://www.cve.org/CVERecord?id=CAN-2005-2370

Package List


Severity
critical
Lowest
Low
Medium
High
Critical

Advisory ID: RHSA-2005:627-01
Issue date: 2005-08-09
Updated on: 2005-08-09
Product: Red Hat Enterprise Linux

Topic

Relevant Releases Architectures

Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64

Red Hat Desktop version 3 - i386, x86_64

Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64

Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64

Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64

Red Hat Enterprise Linux Desktop version 4 - i386, x86_64

Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64

Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

Bugs Fixed

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here