MDVSA-2009:208-1
- Package name
- libgadu
- Date
- 2009-12-04
- Advisory ID
- MDVSA-2009:208-1
- Affected versions
- 2008.0 i586 , 2008.0 x86_64
Problem description
A vulnerability has been found and corrected in libgadu:
libgadu before 1.8.2 allows remote servers to cause a denial of service
(crash) via a contact description with a large length, which triggers
a buffer over-read (CVE-2008-4776).
This update provides a solution to this vulnerability.
Update:
Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers
Updated packages
2008.0 i586
81809df3e0b03835018466bf0ba471ec 2008.0/i586/libgadu3-1.7.1-5.1mdv2008.0.i586.rpm a31b60277b293170877f42f8d144e0d8 2008.0/i586/libgadu-devel-1.7.1-5.1mdv2008.0.i586.rpm bb3f731068198a4515be7c8fd67f6e5b 2008.0/i586/libgadu-static-devel-1.7.1-5.1mdv2008.0.i586.rpm b75cb6f9da59d14e459528151655baa6 2008.0/SRPMS/libgadu-1.7.1-5.1mdv2008.0.src.rpm
2008.0 x86_64
fe2a020d21c3c14e170aeb64aff9ac44 2008.0/x86_64/lib64gadu3-1.7.1-5.1mdv2008.0.x86_64.rpm 0cec93b5638e9d1d7032fc36181841ae 2008.0/x86_64/lib64gadu-devel-1.7.1-5.1mdv2008.0.x86_64.rpm 40daf207c436ffbb4533b83f57bb590d 2008.0/x86_64/lib64gadu-static-devel-1.7.1-5.1mdv2008.0.x86_64.rpm b75cb6f9da59d14e459528151655baa6 2008.0/SRPMS/libgadu-1.7.1-5.1mdv2008.0.src.rpm