Package: gaim
Version: 1:1.2.1-1.4
Severity: grave
Justification: user security hole

This info from http://www.securityfocus.com/bid/14531. Seems ubuntu have
released usn-168-1 to announce their fix:
http://www.ubuntulinux.org/support/documentation/usn/usn-168-1

CAN-2005-2102 is about an attacker crashing gaim by sending a file over
ICQ with a filename containing invalid UTF-8 characters.

CAN-2005-2103 is about a memory alignment problem in the Gadu library
for the Gadu protocol, of which Gaim has a copy of.


-- System Information:
Debian Release: 3.1
Architecture: i386 (i686)
Kernel: Linux 2.6.8-2-686-smp
Locale: LANG=en_AU, LC_CTYPE=en_AU (charmap=ISO-8859-1)

Versions of packages gaim depends on:
ii  gaim-data              1:1.2.1-1.4       multi-protocol instant messaging c


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Reply via email to