Bug 152916
| Summary: | CAN-2005-0208,0472,0473,0965,0966,0967 gaim security issues | ||
|---|---|---|---|
| Product: | [Retired] Fedora Legacy | Reporter: | Marc Deslauriers <marc.deslauriers> |
| Component: | gaim | Assignee: | Fedora Legacy Bugs <bugs> |
| Status: | CLOSED DUPLICATE | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | unspecified | CC: | jpdalbec, mschout, pekkas |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| URL: | https://rhn.redhat.com/errata/RHSA-2005-215.html, https://rhn.redhat.com/errata/RHSA-2005-365.html | ||
| Whiteboard: | 1, LEGACY, rh73, rh90 | ||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2005-07-15 22:16:18 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 158543 | ||
| Bug Blocks: | |||
|
Description
David Lawrence
2005-03-30 23:31:58 UTC
Three more problems: A buffer overflow bug was found in the way gaim escapes HTML. It is possible that a remote attacker could send a specially crafted message to a Gaim client, causing it to crash. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0965 to this issue. A bug was found in several of gaim's IRC processing functions. These functions fail to properly remove various markup tags within an IRC message. It is possible that a remote attacker could send a specially crafted message to a Gaim client connected to an IRC server, causing it to crash. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0966 to this issue. A bug was found in gaim's Jabber message parser. It is possible for a remote Jabber user to send a specially crafted message to a Gaim client, causing it to crash. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0967 to this issue. https://rhn.redhat.com/errata/RHSA-2005-365.html The jabber section removed from the xml file doesn't matter, it was default settings. libcrypt.so.1, libgnome, libutil.so.1, mozilla-nss and perl.so being missing is a side-effect of not including the perl plugin anymore. The perl plugin doesn't work anymore with the version of perl included in rh9. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Here are updated gaim packages to QA: db9890ac5ebc8332142acaf15e40458737f09e33 7.3/gaim-1.2.1-0.73.1.legacy.i386.rpm 3e0dcb3357d8a6ce734a96a266e8ab0c9d6054cd 7.3/gaim-1.2.1-0.73.1.legacy.src.rpm 054c3fc689b96d40e137fcecf5685bcf358dcbd5 9/gaim-1.2.1-0.90.1.legacy.i386.rpm b335015f69cb398dc71ea41e90f9fbfc4545e8a4 9/gaim-1.2.1-0.90.1.legacy.src.rpm f8fd03f350558a6e5b091110fc7d8f40bff50214 1/gaim-1.2.1-1.fc1.1.legacy.i386.rpm 1e8305ad9bc8083c46a825878bf3c952914cc8e1 1/gaim-1.2.1-1.fc1.1.legacy.src.rpm http://www.infostrategique.com/linuxrpms/legacy/7.3/gaim-1.2.1-0.73.1.legacy.i386.rpm http://www.infostrategique.com/linuxrpms/legacy/7.3/gaim-1.2.1-0.73.1.legacy.src.rpm http://www.infostrategique.com/linuxrpms/legacy/9/gaim-1.2.1-0.90.1.legacy.i386.rpm http://www.infostrategique.com/linuxrpms/legacy/9/gaim-1.2.1-0.90.1.legacy.src.rpm http://www.infostrategique.com/linuxrpms/legacy/1/gaim-1.2.1-1.fc1.1.legacy.i386.rpm http://www.infostrategique.com/linuxrpms/legacy/1/gaim-1.2.1-1.fc1.1.legacy.src.rpm -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.6 (GNU/Linux) iD8DBQFCYSOjLMAs/0C4zNoRAqHcAJ4gVtCd7l0uvKFB6xLWnco23185fACdHZha eLNYo4fkUbC6LhQ9qPwSEdA= =WCkI -----END PGP SIGNATURE----- -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 QA w/ rpm-build-compare.sh: - source integrity good - RHL73 spec file compares to the previous FL package OK; RHL9 matches RHEL3; FC1 is pretty close to both previous FL and RHEL3 - patches verified to come from RHEL3 +PUBLISH RHL73,RHL9,FC1 3e0dcb3357d8a6ce734a96a266e8ab0c9d6054cd gaim-1.2.1-0.73.1.legacy.src.rpm b335015f69cb398dc71ea41e90f9fbfc4545e8a4 gaim-1.2.1-0.90.1.legacy.src.rpm 1e8305ad9bc8083c46a825878bf3c952914cc8e1 gaim-1.2.1-1.fc1.1.legacy.src.rpm -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) iD8DBQFCYT09GHbTkzxSL7QRAkfxAJ0VcBkIQxVxJr4ch2j/YUhEAynexACgxrPP FOrv2qyu3dk6DFaGxmsl2Oc= =QrDZ -----END PGP SIGNATURE----- -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Dude just rebuild my gaim packages with the right switches at the top set, and push it into updates. It'll work. (Thursday, April 28th, 2005 <--- so this message cannot be replayed) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.6 (GNU/Linux) iD8DBQFCccfsa93+jlSirPERAj12AJkB+kFblBcXzZUqEpU2ekysIf7nzACeLznZ KhBvnszdQ06iU+pfq8glYg8= =YPQQ -----END PGP SIGNATURE----- Packages were pushed to updates-testing -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 7.3 Verify: sha1: 70712d44b9190d1ee829674e646453fc22fadf55 gaim-1.2.1-0.73.2.legacy.i386.rpm signatures: gaim-1.2.1-0.73.2.legacy.i386.rpm: md5 gpg OK packages update with out any errors or warnings. After update, I did a jabber and an AIM conversation. Everything seems to be working as expected. +VERIFY RHL7.3 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (FreeBSD) iD8DBQFCgSSb+CqvSzp9LOwRAguFAKCAFWez6plUBE2tYgB1iDFz9fHJYgCfRHFw Q0yv/AL35/RPJA4Of+umDf0= =+36Z -----END PGP SIGNATURE----- 05.19.22 CVE: CAN-2005-1261 Platform: Cross Platform Title: Gaim Remote URI Handling Buffer Overflow Description: Gaim is an instant messaging client that supports numerous protocols. It is reported to be vulnerable to a remote buffer overflow issue due to improper handling of long URIs. Gaim versions 1.2.1 and earlier are reported to be vulnerable. Ref: http://www.securityfocus.com/bid/13590 05.19.23 CVE: CAN-2005-1262 Platform: Cross Platform Title: Gaim Remote MSN protocol Denial Of Service Description: Gaim is an instant messaging client. It is vulnerable to a denial of service issue in its MSN protocol handling code when it receives an empty SLP message. Gaim versions 1.3.0 and eariler are reported to be vulnerable. Ref: http://rhn.redhat.com/errata/RHSA-2005-429.html Note: #158543 supercedes this, please QA it (instead). Unless superceded, timeout in 4 weeks. Timeout over. These aren't even in updates-testing anymore. I'm not going to release them. We need QA for #158543 instead. *** This bug has been marked as a duplicate of 158543 *** |