Bug 65263 - security issues in gaim 0.57
security issues in gaim 0.57
Product: Red Hat Linux
Classification: Retired
Component: gaim (Show other bugs)
i386 Linux
medium Severity medium
: ---
: ---
Assigned To: Christopher Blizzard
: Security
Depends On:
  Show dependency treegraph
Reported: 2002-05-21 02:05 EDT by Matt Selsky
Modified: 2008-05-01 11:38 EDT (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2002-08-06 03:12:08 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Matt Selsky 2002-05-21 02:05:14 EDT
The gaim project has released version 0.58 to fix security problems in 0.57

 * Bug-fix for potential buffer overflow in Jabber plugin. (Thanks, rwscott)
 * Tempfiles used for secure MSN/HotMail login (added in 0.57) are now
themselves created securely.

See http://gaim.sourceforge.net/ChangeLog for the complete change log.

This should be fixed since versions <=0.57 contained several bugfixes which
would be nice to have in place.
Comment 1 Warren Togami 2002-05-22 06:38:55 EDT
When this is fixed, please also apply the htmlview default patch in Bug 63115 in
order to fix that minor bug.
Comment 2 Mark J. Cox (Product Security) 2002-05-22 06:49:38 EDT
Just a note that the "Tempfiles used for secure MSN/HotMail login (added in
0.57) are now themselves created securely." issue only affects version 0.57 of
gaim (verified) and therefore does not affect the versions of gaim that we have
shipped in Red Hat Linux releases.
Comment 3 Warren Togami 2002-07-10 08:00:02 EDT
Fixed, 0.59 is in Limbo beta.
Comment 4 Matt Selsky 2002-07-10 11:55:14 EDT
Sounds good to me.  Thanks, guys.
Comment 5 Christopher Blizzard 2002-07-10 12:17:04 EDT
Waiting for errata.
Comment 6 Mark J. Cox (Product Security) 2002-08-06 03:12:08 EDT
An errata has been issued which should help the problem described in this bug report. 
This report is therefore being closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files, please follow the link below. You may reopen 
this bug report if the solution does not work for you.


Note You need to log in before you can comment on or make changes to this bug.