LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Security Week: December 22nd, 2014
Linux Advisory Watch: December 19th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Debian: New centericq packages fix several vulnerabilities Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
Debian Updated package.
- --------------------------------------------------------------------------
Debian Security Advisory DSA 813-1                     security@debian.org
http://www.debian.org/security/                             Martin Schulze
September 15th, 2005                    http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package        : centericq
Vulnerability  : several
Problem type   : remote
Debian-specific: no
CVE IDs        : CAN-2005-2369 CAN-2005-2370 CAN-2005-2448
BugTraq ID     : 14415

Several problems have been discovered in libgadu which is also part of
centericq, a text-mode multi-protocol instant messenger client.  The
Common Vulnerabilities and Exposures project identifies the following
problems:

CAN-2005-2369

    Multiple integer signedness errors may allow remote attackers to
    cause a denial of service or execute arbitrary code.

CAN-2005-2370

    Memory alignment errors may allows remote attackers to cause a
    denial of service on certain architectures such as sparc.

CAN-2005-2448

    Several endianess errors may allow remote attackers to cause a
    denial of service.

The old stable distribution (woody) is not affected by these problems.

For the stable distribution (sarge) these problems have been fixed in
version 4.20.0-1sarge2.

For the unstable distribution (sid) these problems have been fixed in
version 4.20.0-9.

We recommend that you upgrade your centericq package.


Upgrade Instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.1 alias sarge
- --------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/c/centericq/centericq_4.20.0-1sarge2.dsc
      Size/MD5 checksum:      875 3e3856c76ecca4033d594f40b84594fe
    http://security.debian.org/pool/updates/main/c/centericq/centericq_4.20.0-1sarge2.diff.gz
      Size/MD5 checksum:   105757 2847f29ebc190209bc9801cda4021465
    http://security.debian.org/pool/updates/main/c/centericq/centericq_4.20.0.orig.tar.gz
      Size/MD5 checksum:  1796894 874165f4fbd40e3be677bdd1696cee9d

  Alpha architecture:

    http://security.debian.org/pool/updates/main/c/centericq/centericq_4.20.0-1sarge2_alpha.deb
      Size/MD5 checksum:  1650414 6428d1b002427f84264e264f039942b6
    http://security.debian.org/pool/updates/main/c/centericq/centericq-common_4.20.0-1sarge2_alpha.deb
      Size/MD5 checksum:   335816 83d71d7e3ddc678f92208714c69421c1
    http://security.debian.org/pool/updates/main/c/centericq/centericq-fribidi_4.20.0-1sarge2_alpha.deb
      Size/MD5 checksum:  1651512 e552870deeb140d3c152a314ecbf34cd
    http://security.debian.org/pool/updates/main/c/centericq/centericq-utf8_4.20.0-1sarge2_alpha.deb
      Size/MD5 checksum:  1650438 55cd6872aae5e63348f7b816ea72d54b

  AMD64 architecture:

    http://security.debian.org/pool/updates/main/c/centericq/centericq_4.20.0-1sarge2_amd64.deb
      Size/MD5 checksum:  1355220 3e2133ded560c48685d2b99ba5bf0dce
    http://security.debian.org/pool/updates/main/c/centericq/centericq-common_4.20.0-1sarge2_amd64.deb
      Size/MD5 checksum:   335722 4b1695d70272933dc7e239043cd97dca
    http://security.debian.org/pool/updates/main/c/centericq/centericq-fribidi_4.20.0-1sarge2_amd64.deb
      Size/MD5 checksum:  1355440 2cfb3c7c9386a5975ec3d433ca45e5c4
    http://security.debian.org/pool/updates/main/c/centericq/centericq-utf8_4.20.0-1sarge2_amd64.deb
      Size/MD5 checksum:  1355268 a0cb191dfa09ef9b517bfa5e91779dad

  ARM architecture:

    http://security.debian.org/pool/updates/main/c/centericq/centericq_4.20.0-1sarge2_arm.deb
      Size/MD5 checksum:  2185136 2d1317f0919c28662971967458546742
    http://security.debian.org/pool/updates/main/c/centericq/centericq-common_4.20.0-1sarge2_arm.deb
      Size/MD5 checksum:   335868 726094239479d03fd2eb63f4f307e46b
    http://security.debian.org/pool/updates/main/c/centericq/centericq-fribidi_4.20.0-1sarge2_arm.deb
      Size/MD5 checksum:  2185970 bb6521dedcca573e28a2c34fd9c1ab74
    http://security.debian.org/pool/updates/main/c/centericq/centericq-utf8_4.20.0-1sarge2_arm.deb
      Size/MD5 checksum:  2185188 84cd56c79406e409bb0513a0997870f8

  Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/c/centericq/centericq_4.20.0-1sarge2_i386.deb
      Size/MD5 checksum:  1348652 c59e862bca93d94d4edee43911bbdeb7
    http://security.debian.org/pool/updates/main/c/centericq/centericq-common_4.20.0-1sarge2_i386.deb
      Size/MD5 checksum:   335708 2c3d7782f385f0b81a3ce3dd4b089977
    http://security.debian.org/pool/updates/main/c/centericq/centericq-fribidi_4.20.0-1sarge2_i386.deb
      Size/MD5 checksum:  1349472 fb8e54aa013dacc37499fd68ae032116
    http://security.debian.org/pool/updates/main/c/centericq/centericq-utf8_4.20.0-1sarge2_i386.deb
      Size/MD5 checksum:  1348570 f353cb12552cfc0db7ed0d3129edc1d7

  Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/c/centericq/centericq_4.20.0-1sarge2_ia64.deb
      Size/MD5 checksum:  1881308 0eaa392858b373326fe3f5fbcbd267da
    http://security.debian.org/pool/updates/main/c/centericq/centericq-common_4.20.0-1sarge2_ia64.deb
      Size/MD5 checksum:   335814 5ce50347f96935af6f00e6e6ec89352c
    http://security.debian.org/pool/updates/main/c/centericq/centericq-fribidi_4.20.0-1sarge2_ia64.deb
      Size/MD5 checksum:  1882180 359605a9a9bc322896110b2652da8859
    http://security.debian.org/pool/updates/main/c/centericq/centericq-utf8_4.20.0-1sarge2_ia64.deb
      Size/MD5 checksum:  1881288 3b41f39c82d45d048c56fd71b052b34a

  HP Precision architecture:

    http://security.debian.org/pool/updates/main/c/centericq/centericq_4.20.0-1sarge2_hppa.deb
      Size/MD5 checksum:  1812364 d776d20c88b1d045eab6c2cbc7e4856f
    http://security.debian.org/pool/updates/main/c/centericq/centericq-common_4.20.0-1sarge2_hppa.deb
      Size/MD5 checksum:   336524 15a3df7f872450f63c650e08a5804d28
    http://security.debian.org/pool/updates/main/c/centericq/centericq-fribidi_4.20.0-1sarge2_hppa.deb
      Size/MD5 checksum:  1813476 6804d5b88c0e662daccc7d8a462bc843
    http://security.debian.org/pool/updates/main/c/centericq/centericq-utf8_4.20.0-1sarge2_hppa.deb
      Size/MD5 checksum:  1812430 72dbb22383ac61176bfdbc563026f728

  Motorola 680x0 architecture:

    http://security.debian.org/pool/updates/main/c/centericq/centericq_4.20.0-1sarge2_m68k.deb
      Size/MD5 checksum:  1399316 4f0a41a9a10d9764806b753669a19721
    http://security.debian.org/pool/updates/main/c/centericq/centericq-common_4.20.0-1sarge2_m68k.deb
      Size/MD5 checksum:   336586 c5fda5db59d172c072943ba56fa7ab4e
    http://security.debian.org/pool/updates/main/c/centericq/centericq-fribidi_4.20.0-1sarge2_m68k.deb
      Size/MD5 checksum:  1399996 fa827fa4c93f695d6ad976975aa15201
    http://security.debian.org/pool/updates/main/c/centericq/centericq-utf8_4.20.0-1sarge2_m68k.deb
      Size/MD5 checksum:  1399362 fbe685ca5920fda77744d1ed896e8848

  Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/c/centericq/centericq_4.20.0-1sarge2_mips.deb
      Size/MD5 checksum:  1493038 111b76f2e63dc4fc6cc51f5cdabc3d3b
    http://security.debian.org/pool/updates/main/c/centericq/centericq-common_4.20.0-1sarge2_mips.deb
      Size/MD5 checksum:   336552 61b4098b1245044a145571caad3384fd
    http://security.debian.org/pool/updates/main/c/centericq/centericq-fribidi_4.20.0-1sarge2_mips.deb
      Size/MD5 checksum:  1493630 c478a464bebad10f9883abeb2097be09
    http://security.debian.org/pool/updates/main/c/centericq/centericq-utf8_4.20.0-1sarge2_mips.deb
      Size/MD5 checksum:  1493080 182a6d6b77e18cdda5c29154149e0191

  Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/c/centericq/centericq_4.20.0-1sarge2_mipsel.deb
      Size/MD5 checksum:  1483212 e4d498542aec27d2ded408c756e05844
    http://security.debian.org/pool/updates/main/c/centericq/centericq-common_4.20.0-1sarge2_mipsel.deb
      Size/MD5 checksum:   335834 32e81dfb6114a2f1175d4b0e747efb1c
    http://security.debian.org/pool/updates/main/c/centericq/centericq-fribidi_4.20.0-1sarge2_mipsel.deb
      Size/MD5 checksum:  1483786 bbf2190ab5d4d0cecb332c6d6e87d897
    http://security.debian.org/pool/updates/main/c/centericq/centericq-utf8_4.20.0-1sarge2_mipsel.deb
      Size/MD5 checksum:  1483264 d991ec5892ad4a1f4452f6ac265c9524

  PowerPC architecture:

    http://security.debian.org/pool/updates/main/c/centericq/centericq_4.20.0-1sarge2_powerpc.deb
      Size/MD5 checksum:  1386046 27c0795c598216692bb9e3ddabbe38ab
    http://security.debian.org/pool/updates/main/c/centericq/centericq-common_4.20.0-1sarge2_powerpc.deb
      Size/MD5 checksum:   336542 65b7360541cf810d6e0e66e4e985eed8
    http://security.debian.org/pool/updates/main/c/centericq/centericq-fribidi_4.20.0-1sarge2_powerpc.deb
      Size/MD5 checksum:  1386558 15377035743dde60440d7847a8050a5d
    http://security.debian.org/pool/updates/main/c/centericq/centericq-utf8_4.20.0-1sarge2_powerpc.deb
      Size/MD5 checksum:  1386122 7f1e7a8ffcb42aef23b6d29043295b91

  IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/c/centericq/centericq_4.20.0-1sarge2_s390.deb
      Size/MD5 checksum:  1193924 bcbb0a591e411c0fcd4bd02cef5eedbb
    http://security.debian.org/pool/updates/main/c/centericq/centericq-common_4.20.0-1sarge2_s390.deb
      Size/MD5 checksum:   336546 3710534682406a034733acad3b3c2ed5
    http://security.debian.org/pool/updates/main/c/centericq/centericq-fribidi_4.20.0-1sarge2_s390.deb
      Size/MD5 checksum:  1194212 8f5729cbc295bb04986b96af8e9de1bf
    http://security.debian.org/pool/updates/main/c/centericq/centericq-utf8_4.20.0-1sarge2_s390.deb
      Size/MD5 checksum:  1193970 943e805ff5904ede894a864d6ac4d34b

  Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/c/centericq/centericq_4.20.0-1sarge2_sparc.deb
      Size/MD5 checksum:  1325896 8e8e65fe000e12e309700513c1e2b8ba
    http://security.debian.org/pool/updates/main/c/centericq/centericq-common_4.20.0-1sarge2_sparc.deb
      Size/MD5 checksum:   336550 46d2e5ced85fa02754d4c3868d39c129
    http://security.debian.org/pool/updates/main/c/centericq/centericq-fribidi_4.20.0-1sarge2_sparc.deb
      Size/MD5 checksum:  1326696 81974721d8a2b7041a375bf36c44464e
    http://security.debian.org/pool/updates/main/c/centericq/centericq-utf8_4.20.0-1sarge2_sparc.deb
      Size/MD5 checksum:  1325860 f025aef1774bdf29ba0120070e8ff4f1


  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Weekend Edition
Report: U.S. planning “proportional response” to Sony hack, blamed on North Korea
Heartbleed, Shellshock, Tor and more: The 13 biggest security stories of 2014
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.