MDKSA-2005:086 - Updated gaim packages fix multiple vulnerabilities

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: MDKSA-2005:086 - Updated gaim packages fix multiple vulnerabilities
From: Mandriva Security Team <security@xxxxxxxxxxxx>
Date: Thu, 12 May 2005 09:25:06 -0600
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
Sender: QATeam User <qateam@xxxxxxxxxxxxxxxxxxxx>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

                Mandriva Linux Security Update Advisory
 _______________________________________________________________________

 Package name:           gaim
 Advisory ID:            MDKSA-2005:086
 Date:                   May 12th, 2005

 Affected versions:      10.1, 10.2, Corporate 3.0
 ______________________________________________________________________

 Problem Description:

 More vulnerabilities have been found in the gaim instant messaging
 client.  A stack-based buffer overflow bug was found in how gaim
 processes a message containing a URL; a remote attacker could send a
 carefully crafted message to cause the execution of arbitrary code on
 the user's machine (CAN-2005-1261).
 
 Another bug was found in how gaim handles malformed MSN messages; an
 attacker could send a carefully crafted MSN message that would cause
 gaim to crash (CAN-2005-1262).
 
 Gaim version 1.3.0 fixes these issues and is provided with this
 update.
 _______________________________________________________________________

 References:

  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1261
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1262
 ______________________________________________________________________

 Updated Packages:
  
 Mandrakelinux 10.1:
 ed8172ba325d95f291a297903af41be0  10.1/RPMS/gaim-1.3.0-0.1.101mdk.i586.rpm
 ad2fcbcb8f0c1034c4d4ec1c9544b4c0  
10.1/RPMS/gaim-devel-1.3.0-0.1.101mdk.i586.rpm
 21102fd5e78228809becd7ddf24351ba  
10.1/RPMS/gaim-gevolution-1.3.0-0.1.101mdk.i586.rpm
 837a724dd6917f305beb0423713fd8ac  10.1/RPMS/gaim-perl-1.3.0-0.1.101mdk.i586.rpm
 5b3ca4cd6306963fb3e1b14c63df2244  10.1/RPMS/gaim-tcl-1.3.0-0.1.101mdk.i586.rpm
 199a0196f394b00efee48482f309936e  
10.1/RPMS/libgaim-remote0-1.3.0-0.1.101mdk.i586.rpm
 d5518ced2d7c76b4526fd68779693207  
10.1/RPMS/libgaim-remote0-devel-1.3.0-0.1.101mdk.i586.rpm
 44820576063dd74fb9c28b4a5699e36a  10.1/SRPMS/gaim-1.3.0-0.1.101mdk.src.rpm

 Mandrakelinux 10.1/X86_64:
 4e2c86767236f1b8eeb188551bb27314  
x86_64/10.1/RPMS/gaim-1.3.0-0.1.101mdk.x86_64.rpm
 db62d40135b2a9848d3699424b556654  
x86_64/10.1/RPMS/gaim-devel-1.3.0-0.1.101mdk.x86_64.rpm
 3a0f91257813a81a7ec0456a220357c1  
x86_64/10.1/RPMS/gaim-gevolution-1.3.0-0.1.101mdk.x86_64.rpm
 38dd8f72ca74d9080a8e289bb186c92a  
x86_64/10.1/RPMS/gaim-perl-1.3.0-0.1.101mdk.x86_64.rpm
 13359f709541ea9654312f75339c321b  
x86_64/10.1/RPMS/gaim-tcl-1.3.0-0.1.101mdk.x86_64.rpm
 8542aca1513904f4c0a87c3f0fe543c5  
x86_64/10.1/RPMS/lib64gaim-remote0-1.3.0-0.1.101mdk.x86_64.rpm
 171e1625bd227112e50659b0648d8173  
x86_64/10.1/RPMS/lib64gaim-remote0-devel-1.3.0-0.1.101mdk.x86_64.rpm
 44820576063dd74fb9c28b4a5699e36a  
x86_64/10.1/SRPMS/gaim-1.3.0-0.1.101mdk.src.rpm

 Mandrakelinux 10.2:
 dae4fba008457633fe9f687285e43a34  10.2/RPMS/gaim-1.3.0-0.1.102mdk.i586.rpm
 e79df04c807ee82e92ae8b1bd1c19f17  
10.2/RPMS/gaim-devel-1.3.0-0.1.102mdk.i586.rpm
 25bd9d7af41c8bbf6761b58465d89ee4  
10.2/RPMS/gaim-gevolution-1.3.0-0.1.102mdk.i586.rpm
 c8140054eb2228eb8a8aeade572ceae9  10.2/RPMS/gaim-perl-1.3.0-0.1.102mdk.i586.rpm
 071ec72d9640dab11e58b9fd5eb196b2  10.2/RPMS/gaim-silc-1.3.0-0.1.102mdk.i586.rpm
 f89cb44704cc525ab5f483737ea3ca45  10.2/RPMS/gaim-tcl-1.3.0-0.1.102mdk.i586.rpm
 8b93abaa4953aeba755d2498c91bfdb4  
10.2/RPMS/libgaim-remote0-1.3.0-0.1.102mdk.i586.rpm
 a44d9d2bd48fc0886938db762b111b9d  
10.2/RPMS/libgaim-remote0-devel-1.3.0-0.1.102mdk.i586.rpm
 199e401eab3fd4bc5a9c19eb9b42c84e  10.2/SRPMS/gaim-1.3.0-0.1.102mdk.src.rpm

 Mandrakelinux 10.2/X86_64:
 e540621ec7ed8160e8a69f4c8e751c60  
x86_64/10.2/RPMS/gaim-1.3.0-0.1.102mdk.x86_64.rpm
 2a1491f4d49e424a389232f527567504  
x86_64/10.2/RPMS/gaim-devel-1.3.0-0.1.102mdk.x86_64.rpm
 d77f3c6453a0648c8561017b8eadf259  
x86_64/10.2/RPMS/gaim-gevolution-1.3.0-0.1.102mdk.x86_64.rpm
 53bb111a57f40c1b883978453c7e2301  
x86_64/10.2/RPMS/gaim-perl-1.3.0-0.1.102mdk.x86_64.rpm
 d69ede9ff9e8f64e34bd6a408e062e96  
x86_64/10.2/RPMS/gaim-silc-1.3.0-0.1.102mdk.x86_64.rpm
 4bc25f5496bac981116ede53777690fe  
x86_64/10.2/RPMS/gaim-tcl-1.3.0-0.1.102mdk.x86_64.rpm
 1df0f36a11d9e0ae880e2e2a9196291b  
x86_64/10.2/RPMS/lib64gaim-remote0-1.3.0-0.1.102mdk.x86_64.rpm
 3232b0c2b7becfc489da906c619fef5a  
x86_64/10.2/RPMS/lib64gaim-remote0-devel-1.3.0-0.1.102mdk.x86_64.rpm
 199e401eab3fd4bc5a9c19eb9b42c84e  
x86_64/10.2/SRPMS/gaim-1.3.0-0.1.102mdk.src.rpm

 Corporate 3.0:
 e149a73b4459e4910211c6164119d408  
corporate/3.0/RPMS/gaim-1.3.0-0.1.C30mdk.i586.rpm
 556d49ec86c6d89d50ed5ab6b7077618  
corporate/3.0/RPMS/gaim-devel-1.3.0-0.1.C30mdk.i586.rpm
 0c9b562338fd7d15057ce66af6c0e916  
corporate/3.0/RPMS/gaim-perl-1.3.0-0.1.C30mdk.i586.rpm
 893a7bc983c2502b089b0b28ebc68573  
corporate/3.0/RPMS/gaim-tcl-1.3.0-0.1.C30mdk.i586.rpm
 e0ca61a235d914865c52a01b24d53cc6  
corporate/3.0/RPMS/libgaim-remote0-1.3.0-0.1.C30mdk.i586.rpm
 643fc0e061166293c841faa09beb0dc6  
corporate/3.0/RPMS/libgaim-remote0-devel-1.3.0-0.1.C30mdk.i586.rpm
 050ba22fc5a9834d611cc671fd23e897  
corporate/3.0/SRPMS/gaim-1.3.0-0.1.C30mdk.src.rpm

 Corporate 3.0/X86_64:
 7fd8169fd5f4b6b0b2ed0609a820ae09  
x86_64/corporate/3.0/RPMS/gaim-1.3.0-0.1.C30mdk.x86_64.rpm
 f4a248008e042fe09d11853ef385cbbf  
x86_64/corporate/3.0/RPMS/gaim-devel-1.3.0-0.1.C30mdk.x86_64.rpm
 68d12ef13d3419cf0358ca51b15b48ff  
x86_64/corporate/3.0/RPMS/gaim-perl-1.3.0-0.1.C30mdk.x86_64.rpm
 75207cb70b1388e1ef6d5aa5c8a47b33  
x86_64/corporate/3.0/RPMS/gaim-tcl-1.3.0-0.1.C30mdk.x86_64.rpm
 9b76928971f8f5adac79c2e68e1a0793  
x86_64/corporate/3.0/RPMS/lib64gaim-remote0-1.3.0-0.1.C30mdk.x86_64.rpm
 e7b767077d1ebba151fbd932c11746c7  
x86_64/corporate/3.0/RPMS/lib64gaim-remote0-devel-1.3.0-0.1.C30mdk.x86_64.rpm
 050ba22fc5a9834d611cc671fd23e897  
x86_64/corporate/3.0/SRPMS/gaim-1.3.0-0.1.C30mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrakeUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFCg3VSmqjQ0CJFipgRAkjPAKCWLOG4H9jcph6x39b8Xrh/IKxT0ACdG1AT
BIi6b69OC/MGJ3XVhQTDEmk=
=Mt9w
-----END PGP SIGNATURE-----

Prev by Date: MDKSA-2005:087 - Updated tcpdump packages fix multiple vulnerabilities
Next by Date: MDKSA-2005:085 - Updated kdelibs packages fix vulnerabilities
Previous by thread: MDKSA-2005:087 - Updated tcpdump packages fix multiple vulnerabilities
Next by thread: MDKSA-2005:085 - Updated kdelibs packages fix vulnerabilities
Index(es):
- Date
- Thread