Accepted gaim 1:1.0.0-1ubuntu2 (source)

Martin Pitt mpitt at debian.org
Thu Oct 28 09:55:04 CDT 2004


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Thu, 28 Oct 2004 16:51:38 +0200
Source: gaim
Binary: gaim
Architecture: source
Version: 1:1.0.0-1ubuntu2
Distribution: hoary
Urgency: low
Maintainer: Robert McQueen <robot101 at debian.org>
Changed-By: Martin Pitt <mpitt at debian.org>
Description: 
 gaim       - multi-protocol instant messaging client
Changes: 
 gaim (1:1.0.0-1ubuntu2) hoary; urgency=low
 .
   * Hoary upload to fix outstanding security issue (see previous changelog).
 .
 gaim (1:1.0.0-1ubuntu1.1) warty-security; urgency=low
 .
   * Security update to fix three flaws in the MSN protocol handler:
     Added debian/patches/msn-security.patch with backports from version 1.0.2:
 .
     - Buffer overflow: memcpy was used without checking the size of the buffer
       before copying to it. Additionally, a logic flaw was causing the wrong
       buffer to be used as the destination for the copy under certain
       circumstances.
 .
       CAN-2004-0891
       http://gaim.sourceforge.net/security/?id=9
 .
     - Remote crash: Gaim allocates a buffer for the payload of each message
       received based on the size field in the header of the message. A malicious
       peer could specify an invalid size that exceeds the amount of available
       memory.
 .
       Fix: Replace call to g_malloc() with call to g_try_malloc(). If the
       memory could not be allocated the function returns instead of causing
       the application to crash.
 .
       http://gaim.sourceforge.net/security/?id=8
 .
     - Remote crash: After accepting a file transfer request, Gaim will attempt
       to allocate a buffer of a size equal to the entire filesize, this
       allocation attempt will cause Gaim to crash if the size exceeds the amount
       of available memory.
 .
       Fix: don't allocate a buffer for file transfers.
 .
       http://gaim.sourceforge.net/security/?id=7
Files: 
 5160811cc21edbb2083b9493405eb4fb 849 net optional gaim_1.0.0-1ubuntu2.dsc
 e8f1d1617d9689af6631e722e4eabe85 40767 net optional gaim_1.0.0-1ubuntu2.diff.gz

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFBgQfHDecnbV4Fd/IRAiGaAJ0aXHqCBuokRC2JvpJZKHubbm3JOgCglCMT
2SzaAL5QcUPkhm1iny959HA=
=i0yv
-----END PGP SIGNATURE-----


Accepted:
gaim_1.0.0-1ubuntu2.diff.gz
  to pool/main/g/gaim/gaim_1.0.0-1ubuntu2.diff.gz
gaim_1.0.0-1ubuntu2.dsc
  to pool/main/g/gaim/gaim_1.0.0-1ubuntu2.dsc
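
The allocation fix described in the changelog, as an added example that is not code from Gaim or from msn-security.patch: a payload reader that treats the header's size field as untrusted and returns an error when allocation fails. The 4-byte header layout, MAX_PAYLOAD and all function names are assumptions, plain malloc() stands in for g_try_malloc(), and the size checks before allocation go beyond the changelog's stated fix.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical wire format for this example: 4-byte big-endian payload
 * size followed by the payload. This is not the real MSN header layout. */
#define HDR_LEN 4u
#define MAX_PAYLOAD (1u << 20) /* assumed policy cap, not from the changelog */

enum { MSG_OK = 0, MSG_SHORT = -1, MSG_TOO_BIG = -2, MSG_NOMEM = -3 };

/* Copies the payload of one message into a freshly allocated buffer.
 * On success *out owns the buffer and *out_len holds its length. */
int msg_read_payload(const uint8_t *pkt, size_t pkt_len,
                     uint8_t **out, size_t *out_len)
{
    *out = NULL;
    *out_len = 0;
    if (pkt_len < HDR_LEN)
        return MSG_SHORT;

    /* The size field comes from the peer and cannot be trusted. */
    uint32_t declared = ((uint32_t)pkt[0] << 24) | ((uint32_t)pkt[1] << 16) |
                        ((uint32_t)pkt[2] << 8)  |  (uint32_t)pkt[3];

    if (declared > MAX_PAYLOAD)        /* refuse absurd sizes up front */
        return MSG_TOO_BIG;
    if (declared > pkt_len - HDR_LEN)  /* header claims more than was sent */
        return MSG_SHORT;

    /* malloc() stands in for g_try_malloc(): both return NULL on failure,
     * whereas g_malloc() aborts the whole process. */
    uint8_t *buf = malloc(declared ? declared : 1);
    if (buf == NULL)
        return MSG_NOMEM;              /* drop the message, keep running */

    /* Destination holds exactly `declared` bytes and the source has been
     * shown to contain at least that many, so the copy is in bounds. */
    memcpy(buf, pkt + HDR_LEN, declared);
    *out = buf;
    *out_len = declared;
    return MSG_OK;
}
```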
