LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Advisory Watch: July 25th, 2014
Linux Advisory Watch: July 18th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Debian: New gaim packages fix denial of service Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
Debian Updated package.
- --------------------------------------------------------------------------
Debian Security Advisory DSA 716-1                     security@debian.org
http://www.debian.org/security/                             Martin Schulze
April 27th, 2005                        http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package        : gaim
Vulnerability  : denial of service
Problem-Type   : remote
Debian-specific: no
CVE ID         : CAN-2005-0472

It has been discovered that certain malformed SNAC packets sent by
other AIM or ICQ users can trigger an infinite loop in Gaim, a
multi-protocol instant messaging client, and hence lead to a denial of
service of the client.

Two more denial of service conditions have been discovered in newer
versions of Gaim which are fixed in the package in sid but are not
present in the package in woody.

For the stable distribution (woody) this problem has been fixed in
version 0.58-2.5.

For the unstable distribution (sid) these problems have been fixed in
version 1.1.3-1.

We recommend that you upgrade your gaim packages.


Upgrade Instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.0 alias woody
- --------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/g/gaim/gaim_0.58-2.5.dsc
      Size/MD5 checksum:      681 e985a045131d5ad43c2192533d581d49
    http://security.debian.org/pool/updates/main/g/gaim/gaim_0.58-2.5.diff.gz
      Size/MD5 checksum:    23078 688d4d51bd00e863c4c911f539708f0d
    http://security.debian.org/pool/updates/main/g/gaim/gaim_0.58.orig.tar.gz
      Size/MD5 checksum:  1928057 644df289daeca5f9dd3983d65c8b2407

  Alpha architecture:

    http://security.debian.org/pool/updates/main/g/gaim/gaim_0.58-2.5_alpha.deb
      Size/MD5 checksum:   480588 297fed5e44fab4f49c3c103159ee3dc4
    http://security.debian.org/pool/updates/main/g/gaim/gaim-common_0.58-2.5_alpha.deb
      Size/MD5 checksum:   674918 1a59dbf94b98f25c18eaeee28aab5910
    http://security.debian.org/pool/updates/main/g/gaim/gaim-gnome_0.58-2.5_alpha.deb
      Size/MD5 checksum:   501450 bbe7cdac070bed0937596df34052c555

  ARM architecture:

    http://security.debian.org/pool/updates/main/g/gaim/gaim_0.58-2.5_arm.deb
      Size/MD5 checksum:   401938 1f9588d2015c20477f35f59de2e67190
    http://security.debian.org/pool/updates/main/g/gaim/gaim-common_0.58-2.5_arm.deb
      Size/MD5 checksum:   615258 6a1d88825004fb405881674236b5f34b
    http://security.debian.org/pool/updates/main/g/gaim/gaim-gnome_0.58-2.5_arm.deb
      Size/MD5 checksum:   422646 eab79e46b080475268510509635388b2

  Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/g/gaim/gaim_0.58-2.5_i386.deb
      Size/MD5 checksum:   389530 e4b3815727835a3ab112fb109a328021
    http://security.debian.org/pool/updates/main/g/gaim/gaim-common_0.58-2.5_i386.deb
      Size/MD5 checksum:   605678 619283e7b98add8bf725beb71a3de75b
    http://security.debian.org/pool/updates/main/g/gaim/gaim-gnome_0.58-2.5_i386.deb
      Size/MD5 checksum:   409274 c81aa5abd01455d0b082c6503e5abb32

  Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/g/gaim/gaim_0.58-2.5_ia64.deb
      Size/MD5 checksum:   557214 f57cd6a3c35d2d7042690e5584d3c49c
    http://security.debian.org/pool/updates/main/g/gaim/gaim-common_0.58-2.5_ia64.deb
      Size/MD5 checksum:   765410 33b7051caea6919c87519bc9c570ef69
    http://security.debian.org/pool/updates/main/g/gaim/gaim-gnome_0.58-2.5_ia64.deb
      Size/MD5 checksum:   570064 2a9d5dbdd9b1bc7470d3a7a12cf3b453

  HP Precision architecture:

    http://security.debian.org/pool/updates/main/g/gaim/gaim_0.58-2.5_hppa.deb
      Size/MD5 checksum:   459698 74a1621f52f73e436aeffc82e1c528a5
    http://security.debian.org/pool/updates/main/g/gaim/gaim-common_0.58-2.5_hppa.deb
      Size/MD5 checksum:   691344 06a88c54e725114cb0818b50dce65fd5
    http://security.debian.org/pool/updates/main/g/gaim/gaim-gnome_0.58-2.5_hppa.deb
      Size/MD5 checksum:   481568 5aaf2370d855711ae2d2916c13831f0b

  Motorola 680x0 architecture:

    http://security.debian.org/pool/updates/main/g/gaim/gaim_0.58-2.5_m68k.deb
      Size/MD5 checksum:   370690 627841728dabb3c6e83e60c8001a0ac4
    http://security.debian.org/pool/updates/main/g/gaim/gaim-common_0.58-2.5_m68k.deb
      Size/MD5 checksum:   622818 e4205658f157914fc5cea27c7248a71d
    http://security.debian.org/pool/updates/main/g/gaim/gaim-gnome_0.58-2.5_m68k.deb
      Size/MD5 checksum:   392316 8ee4f81a43e8b9ae123adadba2eed04c

  Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/g/gaim/gaim_0.58-2.5_mips.deb
      Size/MD5 checksum:   406618 354027157ccc8439f28f3d05198cce12
    http://security.debian.org/pool/updates/main/g/gaim/gaim-common_0.58-2.5_mips.deb
      Size/MD5 checksum:   615058 36c64cdcac52153d504eb7e246560510
    http://security.debian.org/pool/updates/main/g/gaim/gaim-gnome_0.58-2.5_mips.deb
      Size/MD5 checksum:   427314 7f59f09c347ed39a12fad8408c40fab3

  Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/g/gaim/gaim_0.58-2.5_mipsel.deb
      Size/MD5 checksum:   397210 f690bab2d77b7f5bc5c207ab8799a7ae
    http://security.debian.org/pool/updates/main/g/gaim/gaim-common_0.58-2.5_mipsel.deb
      Size/MD5 checksum:   607548 a62777c3ba8590660821edb1f46947ee
    http://security.debian.org/pool/updates/main/g/gaim/gaim-gnome_0.58-2.5_mipsel.deb
      Size/MD5 checksum:   416922 31b725e25888062257b1d9a212450a0e

  PowerPC architecture:

    http://security.debian.org/pool/updates/main/g/gaim/gaim_0.58-2.5_powerpc.deb
      Size/MD5 checksum:   413722 b499efefdd53e1e1f99c82fe4345d740
    http://security.debian.org/pool/updates/main/g/gaim/gaim-common_0.58-2.5_powerpc.deb
      Size/MD5 checksum:   643070 e6a50e343c77e80e72c26570e4086452
    http://security.debian.org/pool/updates/main/g/gaim/gaim-gnome_0.58-2.5_powerpc.deb
      Size/MD5 checksum:   434530 be29354736f00ed85d5aa36d0bb86330

  IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/g/gaim/gaim_0.58-2.5_s390.deb
      Size/MD5 checksum:   399718 1328ff0fecf64d0a8db50bcbf6a4307d
    http://security.debian.org/pool/updates/main/g/gaim/gaim-common_0.58-2.5_s390.deb
      Size/MD5 checksum:   644284 c668b1de2ad8c707c5f8ad2de456bf9c
    http://security.debian.org/pool/updates/main/g/gaim/gaim-gnome_0.58-2.5_s390.deb
      Size/MD5 checksum:   422222 14e4654f7df7c22fb6e8240908c7836c

  Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/g/gaim/gaim_0.58-2.5_sparc.deb
      Size/MD5 checksum:   409866 7d8a00f61567dea550246ba36ee8f350
    http://security.debian.org/pool/updates/main/g/gaim/gaim-common_0.58-2.5_sparc.deb
      Size/MD5 checksum:   654072 aca9f7da61fa3f05e5394844fd1cc0ba
    http://security.debian.org/pool/updates/main/g/gaim/gaim-gnome_0.58-2.5_sparc.deb
      Size/MD5 checksum:   428798 d4eb82d10dfcaee16df40d3c4547e809


  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Four fake Google haxbots hit YOUR WEBSITE every day
Mozilla fixes CRITICAL security holes in Firefox, urges v31 upgrade
The Barnaby Jack Few Knew: Celebrated Hacker Saw Spotlight as 'Necessary Evil'
What I Learned from Edward Snowden at the Hacker Conference
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.