centericq -- several vulnerabilities

2005-09-15T00:00:00
ID DSA-813
Type debian
Reporter Debian
Modified 2005-09-15T00:00:00

Description

Several problems have been discovered in libgadu which is also part of centericq, a text-mode multi-protocol instant messenger client. The Common Vulnerabilities and Exposures project identifies the following problems:

Multiple integer signedness errors may allow remote attackers to cause a denial of service or execute arbitrary code.

Memory alignment errors may allows remote attackers to cause a denial of service on certain architectures such as sparc.

Several endianess errors may allow remote attackers to cause a denial of service.

The old stable distribution (woody) is not affected by these problems.

For the stable distribution (sarge) these problems have been fixed in version 4.20.0-1sarge2.

For the unstable distribution (sid) these problems have been fixed in version 4.20.0-9.

We recommend that you upgrade your centericq package.