LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Sponsored link

Serve your customers, not your servers, with VERIO Linux VPS. Full-access test-drive here.

Recent Features

Notes on the Viacom ruling

LWN.net Weekly Edition for July 3, 2008

More DTrace envy

LWN.net Weekly Edition for June 26, 2008

Symbian to be another open mobile platform

Printable page
Weekly edition Kernel Security Distributions Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ

Debian-Testing alert DTSA-55-1 (centerim)



From:
    	      Steffen Joeris <white@debian.org>


To:
    	      secure-testing-announce@lists.alioth.debian.org


Subject:
    	      [SECURITY] [DTSA-55-1] New centerim packages fix multiple buffer
 overflows


Date:
    	      Wed, 22 Aug 2007 16:55:24 +1000


Message-ID:
    	      <200709011437.47963.white@debian.org>


- --------------------------------------------------------------------------
Debian Testing Security Advisory DTSA-55-1                September 1st , 2007
secure-testing-team at lists.alioth.debian.org                 Steffen Joeris
http://secure-testing-master.debian.net/
- --------------------------------------------------------------------------

Package        : centerim
Vulnerability  : buffer overflows
Problem-Scope  : remote
Debian-specific: no
CVE ID         : CVE-2007-3713

It was discovered that there are multiple buffer overflows, which could lead 
to the execution of arbitrary code.

For the testing distribution (lenny) this is fixed in version
4.22.1-2lenny1

For the unstable distribution (sid) this is fixed in version
4.22.1-2.1

This upgrade is recommended if you use centerim
(centerim-common, centerim, centerim-utf8, centerim-fribidi, centericq, 
centericq-utf8, centericq-fribidi)

Upgrade Instructions
- --------------------

To use the Debian testing security archive, add the following lines to
your /etc/apt/sources.list:

deb http://security.debian.org/ testing/updates main contrib non-free
deb-src http://security.debian.org/ testing/updates main contrib non-free

To install the update, run this command as root:

apt-get update && apt-get upgrade

For further information about the Debian testing security team, please refer
to http://secure-testing-master.debian.net/

_______________________________________________
secure-testing-announce mailing list
secure-testing-announce@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-te...
(Log in to post comments)

Copyright © 2008, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds
Powered by Rackspace Managed Hosting.