Package name
libgadu
Date
2009-08-20
Advisory ID
MDVSA-2009:208
Affected versions
2009.0 x86_64 , MES5 i586 , 2009.0 i586 , 2008.1 x86_64 , 2008.1 i586 , MES5 x86_64

Problem description

A vulnerability has been found and corrected in libgadu:

libgadu before 1.8.2 allows remote servers to cause a denial of service
(crash) via a contact description with a large length, which triggers
a buffer over-read (CVE-2008-4776).

This update provides a solution to this vulnerability.

Updated packages

2009.0 x86_64

 d163436eefbc29409fb42289596f8ea9  2009.0/x86_64/lib64gadu3-1.8.1-2.1mdv2009.0.x86_64.rpm
 19bd5071b0ba3a348e846d177b5952eb  2009.0/x86_64/lib64gadu-devel-1.8.1-2.1mdv2009.0.x86_64.rpm 
 4e46ebf53c466e5afc61f740db59ef1e  2009.0/SRPMS/libgadu-1.8.1-2.1mdv2009.0.src.rpm

MES5 i586

 8618cf0c0b55a33249f2551b4c1cd2a8  mes5/i586/libgadu3-1.8.1-2.1mdvmes5.i586.rpm
 f5507588a57548cb6215b64c0e05a9da  mes5/i586/libgadu-devel-1.8.1-2.1mdvmes5.i586.rpm 
 343437290b1c8e4204d19fa3248f2388  mes5/SRPMS/libgadu-1.8.1-2.1mdvmes5.src.rpm

2009.0 i586

 a1c0c94b882c442897074c473bd7c432  2009.0/i586/libgadu3-1.8.1-2.1mdv2009.0.i586.rpm
 27f122bbc778314bc59f929f5efc4bd9  2009.0/i586/libgadu-devel-1.8.1-2.1mdv2009.0.i586.rpm 
 4e46ebf53c466e5afc61f740db59ef1e  2009.0/SRPMS/libgadu-1.8.1-2.1mdv2009.0.src.rpm

2008.1 x86_64

 673242fd7da029005a1fdcea295fe576  2008.1/x86_64/lib64gadu3-1.8.0-1.1mdv2008.1.x86_64.rpm
 5fe5265aa0a7f2a767b6b63d3dc4a00e  2008.1/x86_64/lib64gadu-devel-1.8.0-1.1mdv2008.1.x86_64.rpm 
 1a9d6c02ec1b2683253d1058f6a52ffc  2008.1/SRPMS/libgadu-1.8.0-1.1mdv2008.1.src.rpm

2008.1 i586

 1c0af6f00f073390ff69e6844394b813  2008.1/i586/libgadu3-1.8.0-1.1mdv2008.1.i586.rpm
 6d6fc79f0f8ea9deaa79f67013be103b  2008.1/i586/libgadu-devel-1.8.0-1.1mdv2008.1.i586.rpm 
 1a9d6c02ec1b2683253d1058f6a52ffc  2008.1/SRPMS/libgadu-1.8.0-1.1mdv2008.1.src.rpm

MES5 x86_64

 895a408fecee913966d93b26175edae3  mes5/x86_64/lib64gadu3-1.8.1-2.1mdvmes5.x86_64.rpm
 f76383153c792fd9fd4f3cd149d9aa83  mes5/x86_64/lib64gadu-devel-1.8.1-2.1mdvmes5.x86_64.rpm 
 343437290b1c8e4204d19fa3248f2388  mes5/SRPMS/libgadu-1.8.1-2.1mdvmes5.src.rpm

References