| Revision Date: | 2005-06-16 | Version: | 502 |
| Title: | RHSA-2005:518: gaim security update (Moderate) |
| Description: | The Gaim application is a multi-protocol instant messaging client.
Jacopo Ottaviani discovered a bug in the way Gaim handles Yahoo! Messenger file transfers. It is possible for a malicious user to send a specially crafted file transfer request that causes Gaim to crash. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-1269 to this issue.
Additionally, Hugo de Bokkenrijder discovered a bug in the way Gaim parses MSN Messenger messages. It is possible for a malicious user to send a specially crafted MSN Messenger message that causes Gaim to crash. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-1934 to this issue.
Users of gaim are advised to upgrade to this updated package, which contains version 1.3.1 and is not vulnerable to these issues.
|
| Family: | unix | Class: | patch |
| Status: | | Reference(s): | CVE-2005-1269
CVE-2005-1934
RHSA-2005:518-01
|
| Platform(s): | Red Hat Enterprise Linux 3
Red Hat Enterprise Linux 4
| Product(s): | |
| Definition Synopsis |
| Release Information Red Hat Enterprise Linux 3 is installed
AND gaim is earlier than 1:1.3.1-0.el3
AND gaim is signed with Red Hat master key
OR Package Information
Red Hat Enterprise Linux 4 is installed
AND gaim is earlier than 1:1.3.1-0.el4
AND gaim is signed with Red Hat master key
|