Critical: gaim security update.
Date: Thu, 11 Aug 2005 17:37:50 -0500
Reply-To: Connie Sieh
Sender: Security Errata for Scientific Linux
From: Connie Sieh
Subject: ERRATA for SL 302,303,304,305 x86_64 now available
Comments: To:

Moderate: gaim security update.
Date: Fri, 17 Jun 2005 13:35:22 -0500
Reply-To: Connie Sieh
Sender: Security Errata for Scientific Linux
From: Connie Sieh
Subject: ERRATA for SL 302/303/304 x86_64 now available
Comments: To: scientific

The following ERRATA for SL 302/303/304 x86_64 are now available from:

Synopsis: Low: bzip2 security update
Advisory ID: RHSA-2005:474-01
CVE Names: CAN-2005-0758 CAN-2005-0953 CAN-2005-1260
bzip2-1.0.2-11.EL3.4.x86_64.rpm
bzip2-devel-1.0.2-11.EL3.4.x86_64.rpm
bzip2-libs-1.0.2-11.EL3.4.i386.rpm
bzip2-libs-1.0.2-11.EL3.4.x86_64.rpm

Synopsis: Moderate: gaim security update
Advisory ID: RHSA-2005:518-01
CVE Names: CAN-2005-1269 CAN-2005-1934
gaim-1.3.1-0.el3.x86_64.rpm

-Connie Sieh

Recent patches for moderate gaim and minimal bzip2 vulnerabilities aimed at Scientific Linux SL 302/303/304 for x86_64 architecture have been released.
security updates, Scientific Linux, gaim security.
LinuxSecurity.com Team

Low: sharutils security update.
Date: Fri, 13 May 2005 16:13:11 -0500
Reply-To: Connie Sieh
Sender: Security Errata for Scientific Linux
From: Connie Sieh
Subject: ERRATA for SL 302 ia64 now available
Comments: To:

An updated gaim package that fixes two security issues is now available.

---------------------------------------------------------------------
Red Hat Security Advisory

Synopsis: Critical: gaim security update
Advisory ID: RHSA-2005:429-01
Advisory URL: https://access.redhat.com/errata/RHSA-2005:429.html
Issue date: 2005-05-11
Updated on: 2005-05-11
Product: Red Hat Enterprise Linux
CVE Names: CAN-2005-1261 CAN-2005-1262
---------------------------------------------------------------------

1. Summary:

An updated gaim package that fixes two security issues is now available.

This update has been rated as having critical security impact by the Red Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

3. Problem description:

The Gaim application is a multi-protocol instant messaging client.

A stack based buffer overflow bug was found in the way gaim processes a message containing a URL. A remote attacker could send a carefully crafted message resulting in the execution of arbitrary code on a victim's machine. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-1261 to this issue.

A bug was found in the way gaim handles malformed MSN messages. A remote attacker could send a carefully crafted MSN message causing gaim to crash. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-1262 to this issue.

Users of Gaim are advised to upgrade to this updated package which contains backported patches and is not vulnerable to these issues.

4. Solution:

Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command:

    up2date

For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system:

https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/9/

5. RPMs required:

Red Hat Enterprise Linux AS version 3:
SRPMS: gaim-1.2.1-6.el3.src.rpm
i386: gaim-1.2.1-6.el3.i386.rpm
ia64: gaim-1.2.1-6.el3.ia64.rpm
ppc: gaim-1.2.1-6.el3.ppc.rpm
s390: gaim-1.2.1-6.el3.s390.rpm
s390x: gaim-1.2.1-6.el3.s390x.rpm
x86_64: gaim-1.2.1-6.el3.x86_64.rpm

Red Hat Desktop version 3:
SRPMS: gaim-1.2.1-6.el3.src.rpm
i386: gaim-1.2.1-6.el3.i386.rpm
x86_64: gaim-1.2.1-6.el3.x86_64.rpm

Red Hat Enterprise Linux ES version 3:
SRPMS: gaim-1.2.1-6.el3.src.rpm
i386: gaim-1.2.1-6.el3.i386.rpm
ia64: gaim-1.2.1-6.el3.ia64.rpm
x86_64: gaim-1.2.1-6.el3.x86_64.rpm

Red Hat Enterprise Linux WS version 3:
SRPMS: gaim-1.2.1-6.el3.src.rpm
i386: gaim-1.2.1-6.el3.i386.rpm
ia64: gaim-1.2.1-6.el3.ia64.rpm
x86_64: gaim-1.2.1-6.el3.x86_64.rpm

Red Hat Enterprise Linux AS version 4:
SRPMS: gaim-1.2.1-6.el4.src.rpm
i386: gaim-1.2.1-6.el4.i386.rpm
ia64: gaim-1.2.1-6.el4.ia64.rpm
ppc: gaim-1.2.1-6.el4.ppc.rpm
s390: gaim-1.2.1-6.el4.s390.rpm
s390x: gaim-1.2.1-6.el4.s390x.rpm
x86_64: gaim-1.2.1-6.el4.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:
SRPMS: gaim-1.2.1-6.el4.src.rpm
i386: gaim-1.2.1-6.el4.i386.rpm
x86_64: gaim-1.2.1-6.el4.x86_64.rpm

Red Hat Enterprise Linux ES version 4:
SRPMS: gaim-1.2.1-6.el4.src.rpm
i386: gaim-1.2.1-6.el4.i386.rpm
ia64: gaim-1.2.1-6.el4.ia64.rpm
x86_64: gaim-1.2.1-6.el4.x86_64.rpm

Red Hat Enterprise Linux WS version 4:
SRPMS: gaim-1.2.1-6.el4.src.rpm
i386: gaim-1.2.1-6.el4.i386.rpm
ia64: gaim-1.2.1-6.el4.ia64.rpm
x86_64: gaim-1.2.1-6.el4.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package

6. References:

https://www.cve.org/CVERecord?id=CVE-CAN-2005-1261
https://www.cve.org/CVERecord?id=CVE-CAN-2005-1262

7. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2005 Red Hat, Inc.

Essential patch release from Red Hat tackles two vulnerabilities. Update now to safeguard against potential remote attacks.
Red Hat Gaim Security Update, Critical Linux Update, Buffer Overflow Fix.
Severity: Critical.
LinuxSecurity.com Team
Updated package.

---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-299
2005-04-05
---------------------------------------------------------------------

Product : Fedora Core 3
Name : gaim
Version : 1.2.1
Release : 1.fc3
Summary : A Gtk+ based multiprotocol instant messaging client
Description :
Gaim allows you to talk to anyone using a variety of messaging protocols, including AIM (Oscar and TOC), ICQ, IRC, Yahoo!, MSN Messenger, Jabber, Gadu-Gadu, Napster, and Zephyr. These protocols are implemented using a modular, easy to use design. To use a protocol, just add an account using the account editor.

Gaim supports many common features of other clients, as well as many unique features, such as perl scripting and C plugins.

Gaim is NOT affiliated with or endorsed by America Online, Inc., Microsoft Corporation, or Yahoo! Inc. or other messaging service providers.

---------------------------------------------------------------------
Update Information:

gaim-1.2.1 resolves CAN-2005-0965 and CAN-2005-0966 as well as some crashes in the jabber and yahoo protocols. Read upstream's pages above for more details.

---------------------------------------------------------------------
* Sun Apr 3 2005 Warren Togami 1:1.2.1-1
- update to 1.2.1 (minor bug fixes)

* Fri Mar 18 2005 Warren Togami 1:1.2.0-1
- update to 1.2.0 (minor bug fixes)

* Mon Mar 7 2005 Warren Togami 1:1.1.4-5
- Copy before modifying prefs.xml

---------------------------------------------------------------------
This update can be downloaded from:

SRPMS/gaim-1.2.1-1.fc3.src.rpm
x86_64/gaim-1.2.1-1.fc3.x86_64.rpm
x86_64/debug/gaim-debuginfo-1.2.1-1.fc3.x86_64.rpm
i386/gaim-1.2.1-1.fc3.i386.rpm
i386/debug/gaim-debuginfo-1.2.1-1.fc3.i386.rpm

This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command.
---------------------------------------------------------------------
fedora-announce-list mailing list

A couple of bugs were found in the gaim 0.82 release, and gaim-0.82.1 was released to fix them. In addition, gaim-encryption-2.29 did not work with gaim-0.82 due to changes in the header files, so the gaim-encryption plugin has also been updated to gaim-encryption-2.30.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] gaim updated again (SSA:2004-240-01)

A couple of bugs were found in the gaim 0.82 release, and gaim-0.82.1 was released to fix them. In addition, gaim-encryption-2.29 did not work with gaim-0.82 due to changes in the header files, so the gaim-encryption plugin has also been updated to gaim-encryption-2.30.

Here are the details from the Slackware 10.0 ChangeLog:
+--------------------------+
Fri Aug 27 14:25:53 PDT 2004
patches/packages/gaim-0.82.1-i486-1.tgz: Upgraded to gaim-0.82.1 to fix a couple of bugs in the gaim-0.82 release. Also, gaim-encryption-2.29 did not work with gaim-0.82 (or 0.82.1), so that has been upgraded to gaim-encryption-2.30.
+--------------------------+

Where to find the new packages:
+-----------------------------+

Updated package for Slackware 9.1:
Updated package for Slackware 10.0:
Updated package for Slackware -current:

MD5 signatures:
+-------------+

Slackware 9.1 package:
b96a251f78cd1da2f0ba4bd3eeb5d437 gaim-0.82.1-i486-1.tgz

Slackware 10.0 package:
e6cc9194b5be4eaad40d783b3822cdac gaim-0.82.1-i486-1.tgz

Slackware -current package:
0d783454c6fee939d6f64cb47a1e955b gaim-0.82.1-i486-1.tgz

Installation instructions:
+------------------------+

Upgrade the package as root:
# upgradepkg gaim-0.82.1-i486-1.tgz

+-----+

Gaim has issued an update to fix problems identified in version 0.82. The patch enhances the encryption plugin in version 2.30 for improved security and stability.
Gaim Update, Security Advisory, Bug Fix, Encryption Plugin.
Severity: Critical.
LinuxSecurity.com Team

Versions of gaim prior to 0.59.1 contain a bug in the URL handler of the manual browser option. A link can be carefully crafted to contain an arbitrary shell script which will be executed if the user clicks on the link.

---------------------------------------------------------------------
Red Hat, Inc. Red Hat Security Advisory

Synopsis: Updated gaim client fixes URL vulnerability
Advisory ID: RHSA-2002:189-08
Issue date: 2002-08-27
Updated on: 2002-09-09
Product: Red Hat Linux
Keywords: gaim jabber irc
Cross references:
Obsoletes: RHSA-2002:098
CVE Names: CAN-2002-0989
---------------------------------------------------------------------

1. Topic:

Updated gaim packages are now available for Red Hat Linux 7.1, 7.2, and 7.3. These updates fix a vulnerability in the URL handler.

2. Relevant releases/architectures:

Red Hat Linux 7.1 - alpha, i386, ia64
Red Hat Linux 7.2 - i386, ia64
Red Hat Linux 7.3 - i386

3. Problem description:

Gaim is an all-in-one instant messaging client that lets you use a number of messaging protocols such as AIM, ICQ, and Yahoo, all at once.

Versions of gaim prior to 0.59.1 contain a bug in the URL handler of the manual browser option. A link can be carefully crafted to contain an arbitrary shell script which will be executed if the user clicks on the link.

Users of gaim should update to these errata packages containing gaim 0.59.1 which is not vulnerable to this issue.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

    rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory *only* contains the desired RPMs.

Please note that this update is also available via Red Hat Network. Many people find this an easier way to apply updates. To use Red Hat Network, launch the Red Hat Update Agent with the following command:

    up2date

This will start an interactive process that will result in the appropriate RPMs being upgraded on your system.

5. Bug IDs fixed ( for more info):

72728 - gaim 0.59.1 is released with important security and bug fixes

6. RPMs required:

Red Hat Linux 7.1:
SRPMS:
alpha:
i386:
ia64:

Red Hat Linux 7.2:
SRPMS:
i386:
ia64:

Red Hat Linux 7.3:
SRPMS:
i386:

7. Verification:

Package Name
--------------------------------------------------------------------------
7.1/en/os/SRPMS/gaim-0.59.1-0.7.1.src.rpm
7.1/en/os/alpha/gaim-0.59.1-0.7.1.alpha.rpm
7.1/en/os/i386/gaim-0.59.1-0.7.1.i386.rpm
7.1/en/os/ia64/gaim-0.59.1-0.7.1.ia64.rpm
7.2/en/os/SRPMS/gaim-0.59.1-0.7.2.src.rpm
7.2/en/os/i386/gaim-0.59.1-0.7.2.i386.rpm
7.2/en/os/ia64/gaim-0.59.1-0.7.2.ia64.rpm
7.3/en/os/SRPMS/gaim-0.59.1-0.7.3.src.rpm
7.3/en/os/i386/gaim-0.59.1-0.7.3.i386.rpm

These packages are GPG signed by Red Hat, Inc. for security. Our key is available at:

You can verify each package with the following command:

    rpm --checksig

If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command:

    rpm --checksig --nogpg

8. References:

CVE -CVE-2002-0989

Copyright(c) 2000, 2001, 2002 Red Hat, Inc.

Recent software patches address a vulnerability in URL security for CentOS 7.x, improving overall user safety.
Gaim Client, URL Vulnerability, Red Hat Updates, Security Advisory, Instant Messaging.
LinuxSecurity.com Team

Updated gaim packages are now available for Red Hat Powertools 7. These updates fix a buffer overflow in the Jabber plug-in module.

---------------------------------------------------------------------
Red Hat, Inc. Red Hat Security Advisory

Synopsis: Updated gaim client fixes Jabber plug-in vulnerability (Powertools)
Advisory ID: RHSA-2002:107-11
Issue date: 2002-06-04
Updated on: 2002-08-05
Product: Red Hat Powertools
Keywords: gaim jabber irc
Cross references: RHSA-2002:098
Obsoletes:
CVE Names: CAN-2002-0384
---------------------------------------------------------------------

1. Topic:

Updated gaim packages are now available for Red Hat Powertools 7. These updates fix a buffer overflow in the Jabber plug-in module.

2. Relevant releases/architectures:

Red Hat Powertools 7.0 - alpha, i386

3. Problem description:

Gaim is an instant messaging client written in GTK and is based on the published TOC messaging protocol from AOL.

Versions of gaim prior to 0.58 contained a buffer overflow in the Jabber plug-in module.

Users of gaim should update to these errata packages containing gaim 0.59 which is not vulnerable to this issue.

Please note that gaim version 0.57 had an additional security problem which has been fixed in version 0.58 (CAN-2002-0377), however Red Hat Powertools did not ship with version 0.57 and was not vulnerable to this issue.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

    rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory *only* contains the desired RPMs.

Please note that this update is also available via Red Hat Network. Many people find this an easier way to apply updates. To use Red Hat Network, launch the Red Hat Update Agent with the following command:

    up2date

This will start an interactive process that will result in the appropriate RPMs being upgraded on your system.

5. Bug IDs fixed ( for more info):

65263 - security issues in gaim 0.57

6. RPMs required:

Red Hat Powertools 7.0:
SRPMS:
alpha:
i386:

7. Verification:

MD5 sum                          Package Name
--------------------------------------------------------------------------
6bbebd4e3d3eb89e40def52921c6c064 7.0/en/powertools/SRPMS/gaim-0.59-0.7.0.src.rpm
ad0f3b17d7c6e642dd04fb2f8f245fc9 7.0/en/powertools/alpha/gaim-0.59-0.7.0.alpha.rpm
06f4568fc44680bbcf1f171e26897fe6 7.0/en/powertools/i386/gaim-0.59-0.7.0.i386.rpm

These packages are GPG signed by Red Hat, Inc. for security. Our key is available at:

You can verify each package with the following command:

    rpm --checksig

If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command:

    rpm --checksig --nogpg

8. References:

CVE -CVE-2002-0384

Copyright(c) 2000, 2001, 2002 Red Hat, Inc.

Recent enhancements to gaim on CentOS address significant security vulnerabilities concerning the Jabber feature, which may permit buffer overflow exploits, as outlined in this notice.
Red Hat Powertools, Jabber Plug-in, gaim Update, Critical Security Fix.
Severity: Critical.
LinuxSecurity.com Team