Paketname
libgadu
Datum
2009-12-04
Advisory ID
MDVSA-2009:208-1
Betroffene Versionen
2008.0 i586 , 2008.0 x86_64

Problembeschreibung

A vulnerability has been found and corrected in libgadu:

libgadu before 1.8.2 allows remote servers to cause a denial of service
(crash) via a contact description with a large length, which triggers
a buffer over-read (CVE-2008-4776).

This update provides a solution to this vulnerability.

Update:

Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers

Aktualisierte Pakete

2008.0 i586

 81809df3e0b03835018466bf0ba471ec  2008.0/i586/libgadu3-1.7.1-5.1mdv2008.0.i586.rpm
 a31b60277b293170877f42f8d144e0d8  2008.0/i586/libgadu-devel-1.7.1-5.1mdv2008.0.i586.rpm
 bb3f731068198a4515be7c8fd67f6e5b  2008.0/i586/libgadu-static-devel-1.7.1-5.1mdv2008.0.i586.rpm 
 b75cb6f9da59d14e459528151655baa6  2008.0/SRPMS/libgadu-1.7.1-5.1mdv2008.0.src.rpm

2008.0 x86_64

 fe2a020d21c3c14e170aeb64aff9ac44  2008.0/x86_64/lib64gadu3-1.7.1-5.1mdv2008.0.x86_64.rpm
 0cec93b5638e9d1d7032fc36181841ae  2008.0/x86_64/lib64gadu-devel-1.7.1-5.1mdv2008.0.x86_64.rpm
 40daf207c436ffbb4533b83f57bb590d  2008.0/x86_64/lib64gadu-static-devel-1.7.1-5.1mdv2008.0.x86_64.rpm 
 b75cb6f9da59d14e459528151655baa6  2008.0/SRPMS/libgadu-1.7.1-5.1mdv2008.0.src.rpm

Referenzen