SUSE reported two potential exploitable remote vulnerabilities in the Gaim msn protocol. These need investigation to discover if they require a malicious server to be exploited, or if they can be exploited by packets by a peer. RHEL2.1 shipped with gaim-0.59.1 which doesn't appear to have either of these flaws (protocol code is totally different). Embargoed. No date yet set. CAN-2004-0500 Affects: 3AS 3ES 3WS 3Desktop CAN-2004-0500 Affects: FC1 CAN-2004-0500 Affects: FC2
Created attachment 101920 [details] Current proposed gaim patch
This is going to be RHSA-2004:400
(public, removing embargo)
An errata has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHSA-2004-400.html