SUSE reported two potential exploitable remote vulnerabilities
in the Gaim msn protocol. These need investigation to discover if
they require a malicious server to be exploited, or if they can be
exploited by packets by a peer.
RHEL2.1 shipped with gaim-0.59.1 which doesn't appear to have either
of these flaws (protocol code is totally different).
Embargoed. No date yet set.
CAN-2004-0500 Affects: 3AS 3ES 3WS 3Desktop
CAN-2004-0500 Affects: FC1
CAN-2004-0500 Affects: FC2
Created attachment 101920 [details]
Current proposed gaim patch
This is going to be RHSA-2004:400
(public, removing embargo)
An errata has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.