Alerts This Week
Warning Icon 1 664
Alerts This Week
Warning Icon 1 664

Ubuntu 13.10/12.04: USN-2215-1 Moderate: libgadu Denial Of Service

Calendar May 21, 2014 User Avatar LinuxSecurity Advisories
1 - 2 min read
Ubuntu Large Esm H500
Topics%20covered

Topics Covered

security advisory denial of service Ubuntu network issue libgadu
libgadu could be made to crash or run programs if it received specially crafted network traffic. 
=========================================================================Ubuntu Security Notice USN-2215-1
May 21, 2014

libgadu vulnerability
=========================================================================
A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 13.10
- Ubuntu 12.04 LTS

Summary:

libgadu could be made to crash or run programs if it received specially
crafted network traffic.

Software Description:
- libgadu: Gadu-Gadu protocol library

Details:

It was discovered that libgadu incorrectly handled certain messages from
file relay servers. A malicious remote server or a man in the middle could
use this issue to cause applications using libgadu to crash, resulting in a
denial of service, or possibly execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 13.10:
  libgadu3                        1:1.11.2-1ubuntu1.2

Ubuntu 12.04 LTS:
  libgadu3                        1:1.11.1-1ubuntu0.2

After a standard system update you need to restart your session to make all
the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-2215-1
  CVE-2014-3775

Package Information:
  https://launchpad.net/ubuntu/+source/libgadu/1:1.11.2-1ubuntu1.2
  https://launchpad.net/ubuntu/+source/libgadu/1:1.11.1-1ubuntu0.2

Ubuntu 13.10/12.04: USN-2215-1 Moderate: libgadu Denial Of Service

ubuntu
Calendar Grey May 21, 2014
Dist Ubuntu Esm H88
The libgadu vulnerability can destabilize systems via malicious network packets. Users should apply the latest patches promptly using the instructions provided.
libgadu could be made to crash or run programs if it received specially crafted network traffic.

Summary

Topics%20covered

Topics Covered

security advisory denial of service Ubuntu network issue libgadu

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 13.10: libgadu3 1:1.11.2-1ubuntu1.2 Ubuntu 12.04 LTS: libgadu3 1:1.11.1-1ubuntu0.2 After a standard system update you need to restart your session to make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-2215-1

CVE-2014-3775

Severity
important
Lowest
Low
Medium
High
Critical

May 21, 2014

Topics%20covered

Topics Covered

security advisory denial of service Ubuntu network issue libgadu

Package Information

https://launchpad.net/ubuntu/+source/libgadu/1:1.11.2-1ubuntu1.2 https://launchpad.net/ubuntu/+source/libgadu/1:1.11.1-1ubuntu0.2

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here