Package name
libgadu
Date
2014-02-18
Advisory ID
MDVSA-2014:039
Affected versions
MES5 i586 , MBS1 x86_64 , MES5 x86_64

Problem description

Updated libgadu packages fix security vulnerability:

A malicious server or man-in-the-middle could send a large value for
Content-Length and cause an integer overflow which could lead to a
buffer overflow in Gadu-Gadu HTTP parsing (CVE-2013-6487).

Updated packages

MES5 i586

 65640d78caeb724856896f6ac5f6ccbf  mes5/i586/libgadu3-1.8.1-2.2mdvmes5.2.i586.rpm
 23e13f92896af06860593ece27a3a2e5  mes5/i586/libgadu-devel-1.8.1-2.2mdvmes5.2.i586.rpm 
 2c454d07d7d9abb15fddefe39360c38a  mes5/SRPMS/libgadu-1.8.1-2.2mdvmes5.2.src.rpm

MBS1 x86_64

 16f19b3210caefdcb38653f2c8684792  mbs1/x86_64/lib64gadu3-1.11.3-1.mbs1.x86_64.rpm
 9301c10131e11e8ea6ff25f3c804acec  mbs1/x86_64/lib64gadu-devel-1.11.3-1.mbs1.x86_64.rpm 
 07ae07079d369cb322c2af5c254bdc66  mbs1/SRPMS/libgadu-1.11.3-1.mbs1.src.rpm

MES5 x86_64

 4230f0fb619aeccc503dc95ac9e90798  mes5/x86_64/lib64gadu3-1.8.1-2.2mdvmes5.2.x86_64.rpm
 69effc40493fd6a8d8bd9c8b6bb560ef  mes5/x86_64/lib64gadu-devel-1.8.1-2.2mdvmes5.2.x86_64.rpm 
 2c454d07d7d9abb15fddefe39360c38a  mes5/SRPMS/libgadu-1.8.1-2.2mdvmes5.2.src.rpm

References