A buffer overflow has been found in Gaim. It is possible for a remote attacker to send a message containing a very long URL to overflow a buffer. This attack is mitigated by the fact that not all the messaging protocols allow messages long enough to overflow this particular buffer.
Created attachment 114072 [details] Upstream patch
This issue should also affect RHEL3 and may affect RHEL2.1
This issue is going to be RHSA-2005:429
public, removing embargo
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHSA-2005-432.html
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHSA-2005-429.html