Fedora Legacy Test Update Notification: gaim

Tue Jan 24 23:30:21 UTC 2006

---------------------------------------------------------------------
Fedora Legacy Test Update Notification
FEDORALEGACY-2005-158543
Bugzilla https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=158543
2006-01-24
---------------------------------------------------------------------

Name        : gaim
7.3 Version : gaim-1.5.0-0.73.1.legacy
9 Version   : gaim-1.5.0-0.90.1.legacy
fc1 Version : gaim-1.5.0-1.fc1.1.legacy
fc2 Version : gaim-1.5.0-1.fc2.1.legacy
Summary     : A GTK+ clone of the AOL Instant Messenger client.
Description :
Gaim is a clone of America Online's Instant Messenger client. It
features nearly all of the functionality of the official AIM client
while also being smaller, faster, and commercial-free.

---------------------------------------------------------------------
Update Information:

An updated gaim package that fixes various security issues as well as a
number of bugs is now available.

The Gaim application is a multi-protocol instant messaging client.

Two HTML parsing bugs were discovered in Gaim. It is possible that a
remote attacker could send a specially crafted message to a Gaim client,
causing it to crash. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the names CAN-2005-0208 and CAN-2005-0473
to these issues.

A bug in the way Gaim processes SNAC packets was discovered. It is
possible that a remote attacker could send a specially crafted SNAC
packet to a Gaim client, causing the client to stop responding. The
Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CAN-2005-0472 to this issue.

A buffer overflow bug was found in the way gaim escapes HTML. It is
possible that a remote attacker could send a specially crafted message
to a Gaim client, causing it to crash. The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the name CAN-2005-0965
to this issue.

A bug was found in several of gaim's IRC processing functions. These
functions fail to properly remove various markup tags within an IRC
message. It is possible that a remote attacker could send a specially
crafted message to a Gaim client connected to an IRC server, causing it
to crash. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2005-0966 to this issue.

A bug was found in gaim's Jabber message parser. It is possible for a
remote Jabber user to send a specially crafted message to a Gaim client,
causing it to crash. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2005-0967 to this issue.

A stack based buffer overflow bug was found in the way gaim processes a
message containing a URL. A remote attacker could send a carefully
crafted message resulting in the execution of arbitrary code on a
victim's machine. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2005-1261 to this issue.

A bug was found in the way gaim handles malformed MSN messages. A remote
attacker could send a carefully crafted MSN message causing gaim to
crash. The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CAN-2005-1262 to this issue.

A heap based buffer overflow issue was discovered in the way Gaim
processes away messages. A remote attacker could send a specially
crafted away message to a Gaim user logged into AIM or ICQ that could
result in arbitrary code execution. The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the name CAN-2005-2103 to
this issue.

Daniel Atallah discovered a denial of service issue in Gaim. A remote
attacker could attempt to upload a file with a specially crafted name to
a user logged into AIM or ICQ, causing Gaim to crash. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the
name CAN-2005-2102 to this issue.

A denial of service bug was found in Gaim's Gadu Gadu protocol handler.
A remote attacker could send a specially crafted message to a Gaim user
logged into Gadu Gadu, causing Gaim to crash. Please note that this
issue only affects PPC and IBM S/390 systems running Gaim. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the
name CAN-2005-2370 to this issue.

Jacopo Ottaviani discovered a bug in the way Gaim handles Yahoo!
Messenger file transfers. It is possible for a malicious user to send a
specially crafted file transfer request that causes Gaim to crash. The
Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CAN-2005-1269 to this issue.

Additionally, Hugo de Bokkenrijder discovered a bug in the way Gaim
parses MSN Messenger messages. It is possible for a malicious user to
send a specially crafted MSN Messenger message that causes Gaim to
crash. The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CAN-2005-1934 to this issue.

Additionally, various client crashes, memory leaks, and protocol issues
have been resolved.

Users of Gaim are advised to upgrade to this updated package which
contains Gaim version 1.5.0 and is not vulnerable to these issues.

---------------------------------------------------------------------
7.3 changelog:
* Wed Jan 18 2006 Marc Deslauriers <marcdeslauriers at videotron.ca>
1.5.0-0.73.1.legacy
- Updated to 1.5.0 to fix security issues
- Added CVS backport patches from FC4

* Mon May 23 2005 Marc Deslauriers <marcdeslauriers at videotron.ca>
1.3.0-0.73.1.legacy
- Updated to 1.3.0 to fix security issues

* Sun May 01 2005 Marc Deslauriers <marcdeslauriers at videotron.ca>
1.2.1-0.73.2.legacy
- Added fix for perl plugin

* Sat Apr 16 2005 Marc Deslauriers <marcdeslauriers at videotron.ca>
1.2.1-0.73.1.legacy
- Updated to 1.2.1 to fix security issues
- Added CVS backport patches from RHEL

* Thu Mar 10 2005 Marc Deslauriers <marcdeslauriers at videotron.ca>
1.1.4-0.73.1.legacy
- Updated to 1.1.4 to fix security issues
- Added CVS backport patches from RHEL

9 changelog:
* Thu Jan 19 2006 Marc Deslauriers <marcdeslauriers at videotron.ca>
1:1.5.0-0.90.1.legacy

- Rebuilt as Fedora Legacy rh9 security update
- Added desktop-file-utils, mozilla-nspr-devel and mozilla-nss BuildRequires
- Added fix for perl plugin
- Disabled PIE patch

fc1 changelog:
* Sat Jan 21 2006 Marc Deslauriers <marcdeslauriers at videotron.ca>
1:1.5.0-1.fc1.1.legacy
- Rebuilt as Fedora Legacy FC1 security update
- Added desktop-file-utils to BuildRequires

fc2 changelog:
* Thu Jan 19 2006 Marc Deslauriers <marcdeslauriers at videotron.ca>
1:1.5.0-1.fc2.1.legacy
- Rebuilt as Fedora Legacy update for FC2
- Added desktop-file-utils to BuildRequires

---------------------------------------------------------------------
This update can be downloaded from:
  http://download.fedoralegacy.org/
(sha1sums)

a51c47a7e69e2ae0de301b5aea04a078a34bd494
redhat/7.3/updates-testing/i386/gaim-1.5.0-0.73.1.legacy.i386.rpm
cf664d6dea2391a620286c2a0558f344128dc09b
redhat/7.3/updates-testing/SRPMS/gaim-1.5.0-0.73.1.legacy.src.rpm
99901a3c55dc899071cd0373c71ce18b694e38d0
redhat/9/updates-testing/i386/gaim-1.5.0-0.90.1.legacy.i386.rpm
47f2231f0085bfd8c24e3a01ae707781543bb243
redhat/9/updates-testing/SRPMS/gaim-1.5.0-0.90.1.legacy.src.rpm
fda20f97bf8c2ce8a5075c579bcbf6c3e3a66e81
fedora/1/updates-testing/i386/gaim-1.5.0-1.fc1.1.legacy.i386.rpm
8be725ea3874e315278e4926ed72930c74a3d6df
fedora/1/updates-testing/SRPMS/gaim-1.5.0-1.fc1.1.legacy.src.rpm
d8c6b98a019633a8a2debd6e2a86daccae6cdeda
fedora/2/updates-testing/i386/gaim-1.5.0-1.fc2.1.legacy.i386.rpm
46e6ff8101c40018ab98b7f3c5e01f656eb2cdfe
fedora/2/updates-testing/SRPMS/gaim-1.5.0-1.fc2.1.legacy.src.rpm

---------------------------------------------------------------------

Please test and comment in bugzilla.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/fedora-legacy-list/attachments/20060124/c7295b51/attachment.sig>